Posted on March 4, 2024
The Biden administration will sign an executive order to bolster port cybersecurity with additional actions to enhance maritime cybersecurity, secure supply chains, and strengthen the US industrial base.
The executive order comes amid fears that Chinese hackers were entrenching themselves in US critical infrastructure, preparing for disruptive cyber attacks.
US Coast Guard expanded mandate on port cybersecurity
The new port cybersecurity executive order gives the U.S. Coast Guard authority to respond to malicious cyber activity within the maritime transport systems.
It also allows the Coast Guard to impose mandatory reporting requirements for cyber incidents and suspected cybersecurity risks at the waterfront.
“The Executive Order will also institute mandatory reporting of cyber incidents – or active cyber threats – endangering any vessel, harbor, port, or waterfront facility,” the White House statement said.
The Coast Guard will also inspect and control the movement of vessels presenting a known or suspected cyber risk to U.S. maritime infrastructure.
The Coast Guard will also issue a directive on managing the cyber risk associated with Chinese-manufactured cranes.
“The U.S. Coast Guard will issue a Maritime Security Directive on cyber risk management actions for ship-to-shore cranes manufactured by the People’s Republic of China located at U.S. Commercial Strategic Seaports,” the White House statement said.
Cranes incorporate Information Technology (IT) and Operational Technology (OT) systems, allowing them to be controlled remotely, thus opening an attack vector for threat actors to exploit.
“Attacks leveraging Wi-Fi, Bluetooth, and IoT protocols may be used to access authorized infrastructure, including IT and OT systems,” said Dr. Brett Walkenhorst, CTO at Bastille. “Monitoring such wireless threats is an important element in a comprehensive approach to upgrading the defenses of our nation’s critical infrastructure.”
The United States sources roughly 80% of cranes from Chinese firms, a country suspected of numerous cyber attacks on US government agencies, critical infrastructure organizations, and public and private companies.
On February 7, 2024, the FBI warned that Chinese state-sponsored hackers were preparing for “disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a major crisis or conflict with the United States.”
The agency has already issued a notice of proposed rulemaking to establish minimum cybersecurity requirements to address emerging threats in the maritime transportation system.
Speaking during a White House press call, Anne Neuberger, Deputy National Security Advisor for cybersecurity and emerging technology, said the Coast Guard will have the authority to enforce the minimum port cybersecurity requirements and reporting rules.
“The core aspect we have here is ensuring that the regulatory agencies — in this case, the Coast Guard for ports — have the authority to directly require minimum cybersecurity requirements and require that reporting,” said Neuberger, adding that those requirements “can be enforced.”
US government to invest $20 billion in port cybersecurity
Under the Investing in America Agenda, the administration pledged $20 billion in investment in port infrastructure over five years to bring back secure crane manufacturing capacity to the United States.
The new port cybersecurity executive order allows the US to partner with PACECO Inc., a U.S.-based subsidiary of the Japanese firm Mitsui E&S Co., to start producing cranes domestically.
“PACECO intends to partner with other trusted manufacturing companies to bring port crane manufacturing capabilities back to the U.S. for the first time in 30 years, pending final site and partner selection,” the White House statement said.
Port cybersecurity executive order strengthens the supply chain
While state-sanctioned cyber-attacks concerned the United States, the Department of Homeland Security also worried about potential cyber criminal activity by other cybercrime groups.
“This executive order comes at an important time as critical infrastructure remains one of the highest-profile targets for attackers, whether directed by adversarial governments, financially motivated cybercriminals, or hacktivist groups,” said Malachi Walker, Security Advisor at DomainTools.
On July 5, 2023, a LockBit ransomware attack on the Japanese port of Nagoya disrupted operations for several days. Officials warned that a similar cyber attack on US ports could significantly disrupt overseas trade.
“As was mentioned, America’s system of ports and waterways accounts for over $5.4 trillion of our nation’s annual economic activity, and our ports serve as a gateway for over 90 percent of all overseas trade,” said Rear Admiral Jay Vann, Commander of the U.S. Coast Guard Cyber Command.
According to Neuberger, port cybersecurity seriously impacted the supply chain and, subsequently, the US economy and national security.
“The continuity of their operations has a clear and direct impact on the success of our country, our economy, and our national security,” she said. Subsequently, the new port cybersecurity executive order was necessary “to strengthen the cybersecurity of our nation’s ports to not just shore up our cyber defenses, but fortify our supply chains.”
“The Biden Administration’s recent Executive Order is a critical step forward in protecting U.S. ports from cyberattacks and securing America’s supply chains,” concluded Walkenhorst.
