Why ports are at risk of cyberattacks

Evidence indicates that the world’s ports are returning to pre-pandemic levels. During the first 11 months of 2021, the value of US international freight increased by more than 22% (PDF) compared with the same 11 months in 2020. More freight means more ships docking at port. And not only are more ships docking, but their dwell times are increasing as well. The average container vessel dwell time at the top 25 US container ports was estimated at 28.1 hours in 2020. In the first half of 2021, average container vessel dwell times increased to 31.5 hours.

While this increase in activity is undoubtedly welcome, more docked ships bring a new challenge. The longer a ship is docked, the more vulnerable the port is to a cyberattack.

The Cyber-Risk to Ships

The maritime industry is especially vulnerable to cyber incidents. There are multiple stakeholders involved in the operation and chartering of a ship, which often results in a lack of accountability for the IT and OT system infrastructure and the ship’s networks. The systems may rely on outdated operating systems that are no longer supported and cannot be patched or run antivirus checks.

Going forward, this threat is expected to increase. Critical ship infrastructure related to navigation, power, and cargo management has become increasingly digitized and reliant on the Internet to perform a broad range of legitimate activities. The growing use of the Industrial Internet of Things (IIoT) will increase the ships’ attack surface.

Common ship-based cyber vulnerabilities include the following:

• Obsolete and unsupported operating systems
• Unpatched system software
• Outdated or missing antivirus software and protection from malware
• Unsecured shipboard computer networks
• Critical infrastructure continuously connected with the shore side
• Inadequate access controls for third parties including contractors and service providers
• Inadequately trained and/or skilled staff on cyber-risks

Troubled Waters?

Maritime cybersecurity has become a significant issue affecting ports around the world. According to the firm Naval Dome, cyberattacks on maritime transport increased by 400% in 2020. Cybersecurity risks are especially problematic to ports around the globe since docked ships regularly interact digitally with shore-based operations and service providers. This digital interaction includes the regular sending of shipping documents via email or uploading documents via online portals or other communications with marine terminals, stevedores, and port authorities.

To read the complete article, visit Dark Reading.