Blog

Cybersecurity on the Coast: Initiative to Update Port Security

Written by Bola Ogbara | Mar 8, 2024 2:56:33 PM

As part of a larger initiative, the president has released an executive order to amend regulations related to the Coast Guard and Port Security.

On February 21, 2024, the president released an executive order to amend regulations related to the safeguarding of vessels, harbors, ports, and waterfront facilities. The order was part of a series of actions that aim to improve critical infrastructure security - the Coast Guard released a notice of proposed rulemaking for cybersecurity requirements the following day, the White House announced that they plan to invest more than $20 billion into port infrastructure, and the Coast Guard has announced a Maritime Security (MARSEC) directive on cyber risk management. 

 

In a press call, Anne Neuberger, the Deputy National Security Advisor for Cyber and Emerging Technologies, expressed the importance of taking care of US ports: “America’s ports employ 31 million Americans, contribute $5.4 trillion to our economy, and are the main domestic point of entry for cargo entering the United States. The continuity of their operations has a clear and direct impact on the success of our country, our economy, and our national security. And that’s why the Biden-Harris administration is taking a series of actions to strengthen the cybersecurity of our nation’s ports to not just shore up our cyber defenses, but fortify our supply chains and deliver for the American people.” 

 

Recent malicious cyber campaigns have put a spotlight on improving the security of critical infrastructure organizations. Volt Typhoon was a malicious botnet sponsored by the People’s Republic of China (PRC) and had secretly collected important information from the energy, transportation, and water sectors, gaining the ability to disturb their functions remotely. Fortunately, the FBI and DOJ disrupted the bot at the end of January 2024 and partnered with the Cybersecurity and Infrastructure Security Agency (CISA) to release an advisory.

 

The Coast Guard’s MARSEC Directive focuses on a similar concern. PRC-manufactured ship-to-shore (STS) cranes make up around 80% of the STS cranes at US ports. Because the cranes can be controlled from remote locations, there is a possibility for exploitation by threat actors. The MARSEC directive shares new cybersecurity requirements with owners and operators of PRC-made cranes, but due to the sensitivity of the information, it’s not yet available to the public. 

 

The executive order makes several amendments to address these campaigns. The Captain of the Port has increased authority to prevent people, articles, or pieces of digital infrastructure from being brought into a waterfront facility or onboard a vessel, given that the person or item may damage the facility or vessel (not just physically, but also digitally). No vessel or person will be allowed into a security zone without the Captain’s permission, who also has more authority to inspect the people and items coming in. Coast Guard Port Security Cards will act as new identification credentials, and the Captain of the Port can take control of a vessel should it be necessary to prevent physical or digital harm. 

 

It’s important to note the amendments also include a requirement to report cyber incidents immediately to the FBI, CISA, and the Captain of the Port, which is less time than the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) outlined. 

 

The president’s executive order is only part of a broader effort to enhance critical infrastructure security. This initiative to strengthen the cybersecurity of US ports is crucial for national security and the continuity of operations crucial to the economy and the American people.