In late June of 2017, AP Moeller-Maersk shut down its container operations at the Port of Los Angeles. It wasn’t due to labor relations problems, equipment malfunction or other reasons that have been known to thwart port operations. It was a cyber-attack.
In today’s climate of information technology, there’s no telling where hackers lurk or a cyber security compromises may occur. For the maritime industry and its extended supply chains, the threat is real and looming.
“At the local Maersk facility in L.A., terminal personnel had to return to the days of paper and pen to keep cargo moving,” says Jill Taylor, Homeland Security Manager with the Port of Los Angeles in San Pedro, Calif. “Thankfully, they were able to recover rather quickly, but there was still a worldwide impact. If it can happen to Maersk, it can happen to anyone.”
This is not the first alert to the cyber security risk posed for seaports. E. Anthony Incorvati is the Business Development Manager, Transportation for Axis Communications who provides network video as security for many commercial facilities. He says cyber security is a major concern for maritime and port security today and has been a top priority for the American Association of Port Authorities Security Council and many Port Authorities and federal agencies for some time.
“Ports are the economic engines of this country and the world, meaning any downtime caused by a breach could have a catastrophic impact on global supply chains,” says Icorvati. “While not always thought of as an early tech adopter, many ports have embraced the internet of things (IoT). While communications and information technologies are beneficial for operations, they also open ports up to being more vulnerable to cyber-attacks than ever before. Any connected network device being utilized, whether it is for operational efficiency or better physical security, can create a cyber security risk. This includes IP cameras, which are normally seen as fundamental to preventing physical security issues, and are potential forgotten as possible cyber vulnerability.”
Transportation infrastructure is often viewed as a target as it is a first line in disabling or doing harm to a supply chain. The effects of such an attack may ripple throughout the commerce that relies on it. Within transportation infrastructure though, maritime operations are truly vulnerable. Not only is a cyber threat part of the problem, but so are further acts of terror.
According to Orange Business Services – a global IT and communications services provider who has developed the Orange Maritime Connect single integrated solution platform managing a shipping fleet, cyber security is a real threat and many maritime shipping companies are not fully prepared. According to their research from Futurenautics, 43 percent of crews have sailed on a vessel that has been compromised by a cyber incident. 90 percent of mariners had never received any cyber security training or guidelines. 95 percent of breaches are caused by human errors. They also cite research stating that ship operators believe that data traffic will increase by nearly 60 percent over the next 2-3 years.
Great strides continue to be made in using technology to improve efficiency and reduce costs within ports and shipping. However, technology often brings increased risks according to Andrew Beckett, a managing director for Kroll, an information technology security consultancy, based in London.
“Systems which automate the movement of ISO containers can be hacked so that the containers are moved to a quiet area of the docks for the removal of smuggled items or in some cases, the removal of the entire container before it is processed by customs,” says Beckett. “The ability to access and alter electronic shipping records, bills of lading, and other documentation means that it is all but impossible to trace missing containers. Having CCTV and bar code scanning running on different, isolated systems provides the ability to collate records from multiple sources for verification purposes and makes it harder for illegal activity to go unnoticed. However, too often, those comprehensive systems are missing.”
Jill Taylor also believes the threat may extend beyond a cyber frontier to acts of terror. She points out those seaports with cruise terminals have some of the largest gatherings of people anywhere, with thousands of people embarking and debarking within a handful of hours inside a relatively small footprint. Taylor emphasizes that this is a vulnerability be vigilant in by planning and training.
Her concerns reach further as there is discussion about cutting off Federal port security grant funding to sanctuary cities. “In LA, the primary source of funding for our security system is the Department of Homeland Security’s Port Security Grant Program,” she says. “This funding has been instrumental in our ability to install layers of security to protect our Port. Since 2002, we have received over $80 million in Federal grant funding some of which has been used to prevent and/or mitigate the security concerns I just mentioned. We have built a Cyber Security Operations Center, which thwarts over 200,000 attacks per week, installed over 400 cameras on land and waterside and purchased Port Police patrol and training vessels. So, cutting off this funding to ports in sanctuary cities would be detrimental to the security of our Nation’s cargo and economy.”
In order to arrest the threats that prevail, it’s important to collaborate with other stakeholders within the intelligence community. Staying ahead of emergent threats means being aware of what others are thinking and to know more precisely what your facility and its location presents as risk.
“Living in a Country like [the] United States there are so many potential areas of vulnerability,” says Michael Graychik, Deputy Chief, Emergency Management and Operations Group, Los Angeles Port Police in San Pedro, CA. “We watch and respond to current threats. We have very frequent communications with our partners in the intelligence community and strive to stay ahead of emerging threats. We using training and planning to prepare and to lessen our exposure to all known threats.”
Graychik says that geographic location of their port is of great concern due to the open space of the California coast, its un-monitored coastline and the many security challenges it presents.
“Most commercial vessels are tracked and monitored but there is a threat that exists from smaller unmonitored recreational vessels,” he says. “The small vessel threat is something that has been discussed within the Maritime Law Enforcement Community for many years now.”
Turning to Technology
New technology is likely to shape the risk equation for all links in transportation supply chains. Investments in securing maritime operations are increasing in parallel to the security vulnerabilities of the marine supply chain infrastructure. With new technology is a heightened focus on having workforce in place that is dedicated to security.
The Port [of Los Angeles] Police uses a number technologies and partnerships to mitigate risks related the physical dimension of the maritime domain adds Graychick. “We are one of the few public safety departments that provide a full time contingent of officers to address our waterside security concerns,” he says. “Our Marine Unit is on the water 24/7, as well as a full time dive team to address underwater security threats.”
He says their patrol boats are equipped with the radiological and nuclear detection capabilities. Officers use this technology to passively scan all types of vessels as they transit in and out of the port. They also scan throughout the port’s marinas and along its 43 miles of shoreline.
“Our Hazardous Material Unit and Marine Unit work with a regional public safety consortium known as ‘Securing the Cities’, to provide random large scale, multi-agency, radiation and nuke detection operations for both the Ports of Los Angeles and Long Beach,” says Graychick. “Vessel screening is done on a large scale inside and outside of the port complex.”
In a marine environment however, new visual technologies can be a boon to security efforts. Security cameras are very sophisticated nowadays and can offer capabilities that go beyond the archaic vigilance and surveillance we associate with them.
“It is incredible what can be done with surveillance cameras today,” says E. Anthony Icorvati. “They are much more than cameras and more akin to computers with the processing power to enable intelligent applications that reside at the edge - or on the camera.
For example, thermal cameras have come a long way and are a must-have technology for maritime security, especially for perimeters. There are currently solutions available that can work with thermal cameras to allow for the detection of moving objects and long ranges with only a couple of pixels on targets needed. Intelligent software applications can take what is captured by a thermal camera and optimize it by connecting with a neighboring PTZ color camera, which can automatically track the object detected by the thermal camera.”
Other technologies aid in the authentication and identification of those in and around the maritime operations environment. Icorvati says his firm provides technology in support of worker validation as newer tools and technology are being used for verification and validation.
“The Transportation Worker Identification Credential (TWIC) is something all leaders in the maritime industry should be aware of. Given that many vessels and ports hold sensitive information or materials, it is important to ensure they are highly secured and regulated. It is a regulation enacted by the Maritime Transportation Security Act, affecting workers who require access to secure areas of the nation’s vessels,” he says.
Maritime Security & the Road Ahead
Tools and technology as well as a dedicated task force to bolster security are crucial. As threats and cyber risk increases it’s important to look to the future and stay focused on what’s ahead for the maritime industry, its infrastructure and the supply chain it supports from all sides.
“Going forward, cyber will continue to be a hot topic in port security,” says Taylor. “A company can put all necessary barriers in place to prevent an attack from a foreign country or outside entity, but still be exposed to the insider threat. Whether it is an unknowing employee opening up an infected email, or a disgruntled employee inserting a malicious thumb drive, there are numerous ways the network can be exposed to a virus from the inside. Security professionals know we cannot be complacent and this is particularly true with cyber. The message for proper cyber hygiene has to be circulated over and over again to employees at all levels within a company and protocols need to be enforced regarding the use of external devices. Information technology is ever evolving and the next cyber disaster could be just a click away.”
Icorvati also posits that the newfound utility of data security from information technology is a growing concern. The Internet of Things (IoT) and the opportunity it presents in extracting data and using it, is a source of concern for maritime security in the near term.
“The focus will be on connected devices, whether it is learning new ways to utilize connected devices for improved operational efficiency or physical security, it will continue to remain a priority,” he says. “As with most industries today, IT and physical security managers will continue to work more closely to help ensure that the entire entity is protected. With hackers becoming even more advanced, the access they can gain from an unprotected internet protocol (IP) camera to not only data, but other connected devices, can be disastrous.”
Nick Doyle, a managing director with Kroll in London adds that the design and integration of complex and innovative systems, alongside effective cyber, crisis management, and business continuity plans, will likely find their way into many, if not all, ports within the next three to five years. This will help ensure that ports are prepared to manage and respond to a diverse range of potential business impacts. He smartly points out that on the day of 9/11, U.S. airports remained closed. But after five hours ports were being reopened as the authorities realized how critical they are.
As attacks – both physical and cyber – continue to rise, maritime infrastructure must be riveted on reliable security measures.
Says Icorvati: “While many ports are considering the cyber security ramifications currently, over the next few years as attacks continue to rise and physical security improves, it will become the forefront of safety and security.”