The pandemic-led e-commerce demand has been a key driver in increasing cyber attacks on ports and maritime, experts have told PTI.
The Port of Baltimore, part of the Maryland Port Administration (MPA), has experienced a boom in cargo throughput since a surge in import e-commerce demand from US customers.
David Espie, Director of Security for the MPA, said one of the causal factors on the soaring rates of cyber-crime in maritime is the rise of international cargo shipping itself.
Espie commented, “Some of the key drivers are the increasing sophistication of cyber attackers and what they can do.
“These are usually highly intelligent people who are very computer savvy and know what they’re doing. Another factor is the rise in international maritime cargo shipping. More business opportunities create more opportunities for cyberattacks.”
The maritime industry has seen several incidents of port operations hampered by online agents in 2021. Maritime attacks have increased by 900% since 2017, according to 2020 findings by NavalDome. The maritime industry suffered a fourfold increase in cyber-attacks between February and May 2020 alone.
In July, the national operator of South Africa’s ports declared force majeure following a IT outage, knocking out container terminal operations at key ports such as Durban for several days.
For Baltimore, the greatest cyber threats to national port facilities currently includes the manipulation of vital data such as a ship’s crew list, or cargo manifests.
Additionally, Espie raised the critical impact of manipulation of physical security machinery, equipment, or devices – increasing the potential to down operations and creating financial loss.
Federal impact?
Since 2005, the Port of Baltimore’s state-owned terminals have received more than $20 million in funding from the Federal Emergency Management Agency (FEMA) Port Security Grant Program to protect against cyberattacks.
Espie said a federal helping hand could bring benefits.
The security director explained, “Stronger overall legislation targeting private industry where cybersecurity measures are not strong enough or absent could be effective.
“Additionally, jurisdictional coordination of federal agencies including the Department of Defense, FBI and Secret Service could be improved.”
READ: Evolving cybersecurity in ports (£)
IAPH
Pascal Ollivier, Chairman of the Data Collaboration Committee of the International Association of Ports and Harbors (IAPH), added supply chains have been majorly disrupted since the beginning of the pandemic – one factor of which includes cyberattacks on ports
“The pandemic has demonstrated that ports are critical infrastructure not only for essential goods, but also for the resilience of the supply chains,” he told PTI.
“18 months later, supply chains are still disrupted due to several factors including cyberattacks on ports. This has been witnessed recently in ports in Africa, but there have been many incursions which cut across the ship-shore divide.”
The IAPH recently released its flagship report – ‘Cybersecurity Guidelines for Ports and Port Facilities’ – urging collective responsibility to reduce weak links in cyberattacks in the supply chain.
Ollivier was in lockstep with Espie on the importance of resilient whole supply chain: would a stronger state influence help unify logistics actors?
“Indeed that is the case,” he said.
Ollivier said the public guiding hand is a key tenet of the World Bank program to build capacity on cybersecurity – as part of World Bank/IAPH digitalisation road map announced in its joint paper in January 2021.
“It will all be about risk management,” he added.
“This involves an organisation-wide, 24/7 responsibility not only at the local port ecosystem level, but also at the international port ecosystem to protect the global maritime supply chain.”
