4 minute read
Maritime Cybersecurity
By James Merten, Port Recovery Specialist, USCG Sector Columbia River Since the arrival of the internet and increased Increased connectivity gave computer viruses digital transformation initiated in recent years, and network intrusions the space to begin to the notion of cybersecurity has become a increase in quantity and severity. After the familiar subject both in our professional and spread of viruses in the 1990s, the 2000s marked personal lives. This article will discuss some of the institutionalization of cyber threats and the issues the entire maritime industry faces as cybersecurity. Finally, from the 2010s, largewell as some that we face here, locally. scale attacks and government regulations started emerging. Cybersecurity and cyber threats have been constant for the last 50 plus years of technological advancement. In the 1970s and 1980s, computer security was mainly limited to academia until the launch of the Internet. The maritime cybersecurity field is becoming increasingly significant due to the continuously expanding reliance on shipboard computer systems, the Internet and wireless network
Advertisement
standards such as Bluetooth and Wi-Fi and due to the growth of smart devices including smartphones, and the various devices that constitute the “Internet of things” (IoT). Cybersecurity is also one of the significant challenges in the contemporary world, due to its complexity, both in terms of political usage and technology. Its primary goal is to ensure the system's dependability, integrity, and data privacy.
Due to increased technology and connectivity on modern ships and vessels, cybersecurity has become a maritime security concern. Cyber Security has come under increased focus in the maritime industry since the International Maritime Organization (IMO) required cyber security to be addressed under the International Safety Management Code of ships effective January 1st, 2021.
In the Columbia-Snake River system, we have seen a number of cyber related incidents. From 2020- 2022 we saw 13 cybersecurity incidents ranging from email spoofing to issues from the SolarWinds attack in 2020. USCG Sector Columbia River continues to work to protect and harden maritime critical infrastructure through coordination and experience with our industry partners. Some of the organizational steps we are taking to improve cybersecurity related services to the industry include:
• Coast Guard deployable Cyber Protection
Teams that can help your organization with
Assess, Hunt, Clear, and Harden missions to safeguard your systems.
• We are hiring a civilian cybersecurity subject matter expert to manage all things cybersecurity related.
• Continued Industry coordination through the USCG led Area Maritime Security
Committee (AMSC) and Port Coordination
Team (PCT).
• Implement the new Coast Guard Cyber
Strategy. The Coast Guard Cyber Strategy includes maritime critical infrastructure that focuses on the following topics:
• Vessels
• Facilities
• Port complexes
• Intermodal connections
• Bridges
• Other components needed to operate the
MTS
• People who operate these systems & live/ recreate in our maritime domain.
DHS’s Cybersecurity and Infrastructure Security Agency (CISA) recently established their “Shields Up” website that provides recommendations for organizations to take now to adopt a heightened cybersecurity posture. It can be found at https://www.cisa. gov/shields-up and we recommend you share it with your stakeholders. The “Shields Up” program was recently developed because of cyber-attacks on the Ukrainian government and critical infrastructure organizations may impact organizations around the world to include here in the Pacific Northwest. While there are no specific or credible cyber threats to the U.S. at this time, every organization both large and small should prepare for, respond, and mitigate the impact of a cyberattack. When cyber incidents are reported quickly, we can use this information to render assistance and as warning to prevent other organizations and entities from falling victim to a similar attack.
Please report anomalous activity and/or cyber incidents 24/7 to the National Response Center (NRC) NRC@uscg.mil 1-800-4248802 for MTSA regulated facilities. For nonMTSA facilities please contact the Sector Columbia River Command Center 1-503861-6300.
Figure 2. Marine Transportation System Components It is really important that we all share information regarding cyber incidents with each other. Connecting our information has thwarted multiple attacks already. Hackers share with each other all the time, so we might as well share to protect our Marine Transportation System (MTS). The MTS is complex and supply chains are already strained from COVID 19 issues. A cybersecurity issue would complicate things even more.
A recent announcement from Hapag-Lloyd highlights the importance of intermodal transportation connections. The announcement states they discovered a copy of their website which could be used for malicious purposes, which is also known as typosquatting. Hapag-Lloyd mentions that the website could be used to legitimize malicious phishing e-mails as well as for credential harvesting. It is not clear at this point what the malicious URL is, or if any phishing e-mails have been discovered linked to the malicious website.
If you conduct business with Hapag-Lloyd, it is highly recommended you inform your workforce to exercise extra caution with e-mails appearing to originate from Hapag-Lloyd, abstaining for clicking on any links in e-mails, and manually typing or using pre-existing known valid bookmarks when navigating to any organization’s website.
In closing, it is worth pointing out that most maritime organizations are starting to understand the importance of cybersecurity. Together we can all take steps to reduce cyber incidents. Two factor authentication, not clicking on unknown links, separating IT and OT systems are just a few of the ways all of us can prevent an incident.
