With the United States’ killing of Iranian General Qassem Soleimani, the threat of cyber attacks against U.S. businesses and government agencies has reached a fever pitch. The global maritime industry should take note.
Not even three years ago, the NotPetya malware attack crippled the the global network of A.P. Moeller-Maersk, owner of the world’s largest shipping line and marine terminals across the globe. The company put the cost of the cyber attack at $200 million to $300 million, with the total economic cost estimated at hundreds of millions more as the attack engulfed the global transport sector.
Although not linked to Iran, the NotPetya attack goes to the show the damage that can be inflicted when a cyber attack hits a globally-interconnected industry like maritime.
In the wake of Soleimani’s death, Iran has vowed retribution against the United States and experts agree that cyber attacks are high on the list of possible retaliatory actions within the capability of the Iranian government.
Earlier this week, New York’s Department of Financial Services, which regulates New York’s robust financial, insurance and banking industries, published an alert to “all regulated entities” warning of the heightened risk of cyber attacks from hackers affiliated with the Iranian government. The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency on Monday issued similar guidance, it’s first since the Soleimani airstrike, warning of the potential for “retaliatory aggression” from Iran.
While no specific threat from Iran has been identified, the maritime industry should be prepared.
Even before these recent geopolitical developments, the U.S. Coast Guard agreed that maritime cyber security and port resilience are some of the most challenging security issues facing the global Marine Transportation System (MTS) today.
In 2018, a ransomware attack hit the Port of San Diego, infiltrating the port’s computer network and disrupting administration systems. In another incident in February 2019, a U.S.-flagged containership inbound to the Port of New York and New Jersey had its shipboard network disabled. While an investigation into that ultimately determined that the attack was benign, the incident prompted the Coast Guard to issue a Marine Safety Alert with recommendations to ship and facility owners, operators, and other responsible parties to step up their cyber security measures due to the seriousness of the threat.
These incidents have also prompted a refocussing of the Coast Guard’s cyber security efforts.
In December, Coast Guard Sector New York, along with members of the Area Maritime Security Committee (AMSC) for the Port of New York and New Jersey, formed a cyber coalition bringing together leaders from various business sectors, government agencies, and academia to combat the maritime cyber security threat. The goal of the coalition is to facilitate the sharing information and enhancement of maritime cyber security through routine cyber exercises and the establishment of a Cyber Advisory Committee, made up of cyber and industry experts ready to assist in a cyber-incident response.
“The fact that port partners across different industry sectors came together to develop this plan speaks to the serious nature of the cyber threat and is a testament to the shared equities at stake,” said Capt. Jason Tama, Coast Guard Captain of the Port and Federal Maritime Security Coordinator.
The financial services sector, for example, is heavily vested in the maritime industry and its ability to deliver goods and services to U.S. ports, as nny disruption to cargo, oil, and gas, or passenger ferries could mean big impacts to the financial markets, especially commodities.
“Cyberattacks are a 21st century reality and an ever-present operational risk that we must be ready for,” said Jeff Milstein, of Vitol vessel operations, one of the world’s largest energy traders, and former chair of the AMSC. “We have witnessed first-hand the disruption that a cyber-incident can cause in our nation’s ports, and we’re committed to taking action to minimize those risks.”
Recognizing the cyber threat, the Port of Los Angeles is moving towards establishing a Cyber Resilience Center to share cyber threat information across stakeholders within the port complex to help prepare companies against cyber risks that could impact the cargo supply chain. Since 2014, the Port of Los Angeles has also operated a Cyber Security Operations Center, with a dedicated cybersecurity team, which acts as a centralized location to monitor network traffic to prevent and detect cyber incidents under port control.
“Ports are a key part of a complex system that must address cyber risks,” said Tom Gazsi, Deputy Executive Director and Chief of Public Safety and Emergency Management at the Port of Los Angeles. “Over the past few years, we have seen how cyber incidents have impacted some ports across the world, threatening the operations of the entire maritime supply chain. That’s why we’re taking a collaborative approach to strengthen our cyber security posture.”
So while there’s no telling when or how Iran may retaliate, the global maritime industry should take notice and make cybersecurity a top priority. Global trade just might depend on it.