MARAD Advisory Warns of Potential Cybersecurity Threats from Chinese-Manufactured Port Equipment

The U.S. Maritime Administration has issued a new advisory to alert industry stakeholders about potential vulnerabilities in maritime port equipment, networks, operational systems, software, and infrastructure. This warning is particularly for those systems installed, maintained, and manufactured by foreign companies, specifically from China.

Over the past few years, the U.S. Government has highlighted risks associated with the integration and use of the People’s Republic of China’s state-supported National Public Information Platform for Transportation and Logistics (LOGINK), Nuctech scanners, and Chinese-manufactured automated ship-to-shore cranes worldwide.

The advisory coincides with the White House’s announcement Wednesday that it plans to issue an Executive Order aimed at enhancing the security of the nation’s ports, in addition to several other steps aimed at strengthening maritime cybersecurity and fortifying supply chains.

LOGINK, a logistics management platform developed by China’s Ministry of Transport, aggregates logistics data from various sources, including domestic and foreign ports, logistics networks, shippers, and shipping companies. LOGINK’s use in critical port infrastructure around the world, including in U.S. ports, may allow China to access and collect sensitive logistics data.

Nuctech Company, Ltd., a PRC state-controlled entity, manufactures data-centric, partially state-owned security inspection equipment at key logistics nodes worldwide. This equipment has access to sensitive information like biometric data, personal identification information, cargo information, proprietary data, and geo-locational metadata. The U.S. has added Nuctech to the Department of Commerce’s Entity List due to concerns over the company’s involvement in activities contrary to U.S. national security interests.

Shanghai Zhenhua Heavy Industries Company Limited, or ZPMC, holds the largest market share of the ship-to-shore crane market worldwide, including many in U.S. ports. These cranes, depending on configurations, can be controlled, serviced, and programmed remotely, leaving them potentially vulnerable to exploitation.

MARAD’s advisory encourages maritime industry stakeholders to employ cybersecurity best practices and provides detailed risk mitigation measures for automated port cranes. It also advises stakeholders to maintain a comprehensive understanding of data sharing and network access permissions within contractual agreements, ensure infrastructure operational resiliency, and maintain recoverable backups.

To mitigate risks associated with automated port cranes, the advisory suggests several measures, including improving segmentation between the crane and other systems, using secure file transfer tools, enforcing multi-factor authentication, separating management functions from operational systems, monitoring all communications, requiring physical visits for vendor updates, performing periodic integrity checks, maintaining robust response and recovery programs, and ensuring strong physical security and access control.

The U.S. Coast Guard National Response Center, the U.S. Coast Guard Cyber Command (CGCYBER) Maritime Cyber Readiness Branch (MCRB), the Cybersecurity and Infrastructure Security Agency (CISA) Central, and the FBI’s Cyber Division were listed as contacts for stakeholders who discover compromised equipment or suspicious activity within the Marine Transportation System (MTS).

MARAD’s Maritime Advisory can be found here.

Unlock Exclusive Insights Today!

Join the gCaptain Club for curated content, insider opinions, and vibrant community discussions.

Sign Up