A team from the U.S. Coast Guard Academy participated in the National Security Agency’s 20th annual National Cyber-Security Exercise (NCX), a three-day cyber competition that tests the offensive and defensive cybersecurity skills virtually, April 8-10, 2021. (U.S. Coast Guard photo by Hunter Medley)
by John Konrad (gCaptain) It’s long been evident that social media users readily exchange their data for free information and services. But what if China were to apply this model to shipping and logistics companies? Such a move could – or possibly already has – jeopardize not only commercial ports but also expose military logistics chains.
In a recent maritime security advisory, the U.S. Maritime Administration (MARAD) has sounded the alarm over China’s escalating technological, physical, and cyber threats in the maritime and logistics sectors. At the heart of this advisory are risks posed by LOGINK, a logistics management platform backed by the Chinese government, which could compromise global maritime infrastructure. MARAD’s call to action urges ports and maritime entities to be vigilant and report any suspicious activities related to LOGINK to the U.S. Coast Guard Cyber Command.
This follows last month’s report by the U.S.-China Economic and Security Commission (USCC), which alerted Congress to the strategic implications of granting potential adversaries, like China, a comprehensive view of global shipping routes and commerce through LOGINK. The USCC cautioned that an upcoming second-generation LOGINK, currently in development, is set to introduce a cloud-based suite of enterprise software applications. This suite will include advanced data analytics that may be appealing to carriers and logistics firms. Such enhancements would provide LOGINK with even deeper insights into global commercial data, potentially offering China’s government an unmatched perspective on commercial transactions and trade relationships.
“China’s subsidization and promotion of a nominally public good in a private market could undermine the dynamism of comparable U.S. services,” said USCC investigators “The United States lacks tools to address market distortions from Chinese digital services. The U.S. government does not have comparable tools to respond to digital services offered when the price is below market value.”
LOGINK: China’s Digital Maritime Behemoth
At the heart of the advisory is the People’s Republic of China’s (PRC) state-backed National Public Information Platform for Transportation and Logistics, known as LOGINK. Beyond being a mere digital platform, LOGINK serves as a single-window logistics management system that aggregates a vast array of logistics data. This includes information from domestic and foreign ports, foreign logistics networks, and hundreds of thousands of users within the PRC, as well as other public databases.
Initially marketed outside of China in 2010, LOGINK has since expanded its footprint, securing cooperation agreements with at least 24 global ports. Its capacity to amass sensitive business and foreign government data, such as corporate registries, vessel details, and cargo data, has raised significant security concerns. The U.S.-China Economic and Security Review Commission (USCC) has identified LOGINK’s data collection prowess as a potential threat, emphasizing the CCP’s strategy to leverage LOGINK to spy on military movements and solidify its stronghold over international maritime trade.
Also Read: Anchoring Cybersecurity with ABS Wavesight: The Need For Vendor Agreement Clauses In Shipping
USCC warns the LOGINK threat is not just to foreign commercial ports but domestic ones as well. “Chinese shipping firm COSCO is a LOGINK partner,” said USCC investigators. “COSCO currently operates terminals at Long Beach, Los Angeles, and Seattle, potentially granting LOGINK a window into vessel, container, and other data at those ports. The Port of Los Angeles is a member of the International Port Community Systems Association (IPCSA) and may potentially share data with LOGINK through IPSCA’s Network of Trusted Networks currently under development.”
Nuctech’s Dual-Edged Sword: Security Equipment or Surveillance Tool?
The advisory sheds light on other software and equipment including Nuctech, a PRC State-Owned Enterprise known for its data-centric security inspection equipment. While its range spans from x-ray scanners to advanced facial recognition systems, Nuctech’s affiliations with the CCP and the People’s Liberation Army have ignited apprehensions. This culminated in the U.S. adding Nuctech to the Department of Commerce’s Entity List, citing national security concerns.
This MARAD alert follows concerns about Chinese port crane and logistics software, the House China Select Committee, under the leadership of Chairman Mike Gallagher, expressed at the Port of Miami earlier in April. That discussion centered around the potential espionage capabilities of Chinese port software and crane equipment, especially in monitoring U.S. military equipment movements. The committee is keen on introducing legislation to inspect port cranes and ban those susceptible to Chinese interference.
In a proactive response, MARAD has furnished maritime stakeholders with a robust set of information links and basic guidelines. The recommendations span from understanding data-sharing protocols to fortifying infrastructure resilience and considering the use of alternative software and systems. The advisory also delves into detailed mitigation strategies for automated port cranes, emphasizing the significance of secure data transfers and stringent access controls.
In the face of China’s expanding digital footprint in the maritime and logistics sectors, the U.S. and its partners stand at a pivotal juncture. The revelations surrounding LOGINK and other Chinese digital platforms underscore the urgency for maritime stakeholders in the commercial shipping sector to understand the military threat from using Chinese software. As China’s technological prowess grows, the U.S. will likely bolster its cyber defenses, ensuring that its commercial and military interests remain safeguarded, at this point it may be too late for international shippers to disentangle their systems from LOGINK. The commercial maritime community, backed by logistics and technology partners, must not only understand traditional cybersecurity measures but must engage with MARAD, US Coast Guard and US military to learn about their concerns as well. The stakes are high, and the future of global maritime trade hangs in the balance.
Worldwide-Foreign Adversarial Technological, Physical, and Cyber Influence by MARAD
LOGINK: Risks from China’s Promotion of a Global Logistics Management Platform by USCC
Join the gCaptain Club for curated content, insider opinions, and vibrant community discussions.
Join the 105,925 members that receive our newsletter.
Have a news tip? Let us know.
By Mike Stone WASHINGTON, April 2 (Reuters) – Virginia-class submarines, an aircraft carrier and frigates being built for the U.S. Navy are now years behind schedule because of skilled labor shortages, design issues, and...
TOKYO, April 1 (Reuters) – U.S. President Joe Biden is set to reach an agreement with Japanese Prime Minister Fumio Kishida to allow large U.S. military vessels to be repaired in Japan,...
MANILA, March 31 (Reuters) – Philippine President Ferdinand Marcos Jr has ordered his government to strengthen its coordination on maritime security to confront “a range of serious challenges” to territorial integrity and...
Access exclusive insights, engage in vibrant discussions, and gain perspectives from our CEO.
Sign Up
Maritime and offshore news trusted by our 105,925 members delivered daily straight to your inbox.
Essential news coupled with the finest maritime content sourced from across the globe.
Sign Up
Join The Club
