Cybersecurity Execs Weigh In On Biden's Maritime Security Executive Order
Concerns over infrastructure cyberattacks have mounted since the 2021 ransomware cyberattack on Colonial Pipeline - which temporarily shut down the nation's largest pipeline - as well as countless other attacks on public agencies and businesses.
President Joe Biden signed an executive order Wednesday outlining a strategy to protect the nation's ports, waterfronts and vessels from cyberattacks.
The order creates several federal regulations giving Coast Guard officials the authority to "prevent damage or injury to any vessel or waterfront facility" and to "safeguard ports, harbors, territories, or waters."
Additionally, the order allows officials to prevent any person, article or thing including "data information, network, program, system, or other digital infrastructure" from accessing any vessel or waterfront if deemed a threat.
The order is an amendment to an existing one - EO 10173 - which President Harry Truman signed in 1950 to also safeguard the country's vessels, ports and waterfront facilities.
Biden's order further details regulations related to identification credentials; possession and control of vessels that may be under threat; and required reporting of any sabotage.
In a press briefing, the White House said that the order will "bolster the Department of Homeland Security's authority to address maritime cyber threats."
Rear Admiral Jay Vann, commander of the United States Coast Guard cyber command, spoke of threats posed by ship-to-shore cranes made in China, during the briefing.
Vann said that the cranes account for nearly 80 percent of ones at U.S ports and that they "may be controlled, serviced and programmed from remote locations."
That capability, he said, could potentially leave Chinese-manufactured cranes, "vulnerable to exploitation."
Protecting The Nation's Infrastructure Is A Growing Concern
Concerns over infrastructure cyberattacks have mounted since the 2021 ransomware cyberattack on Colonial Pipeline - which temporarily shut down the nation's largest pipeline as well as countless other attacks on public agencies and businesses.
Last week, FBI director Christopher Wray testified before a congressional committee that the Chinese government is targeting U.S. infrastructure, Reuters reported.
Cybersecurity vendor executives had praise for the Biden administration's decision, albeit with some cautionary advice.
Nir Ayalon, CEO of Cydome - a company that specializes in maritime cybersecurity -- told MES Computing in a statement about the importance of this executive order.
"About 90 percent of the world's goods travel by sea, so this is a very critical infrastructure for the world's economy. Just for perspective: a single cyber incident last month at a company that manages cargo operations in [four] Australian ports, managed to shut down handling of 40 percent of all the incoming and outgoing cargo in Australia (which gets almost all of its goods by sea) for several days," Ayalon said.
"We identify a sharp increase in the number of cyberattacks on maritime companies in recent months and 1-2 years (our research shows a cyberattack on a maritime company every three days during September-October 2023), and we expect this trend to grow as ships get more connected (especially since the introduction of Space X's Starlink service). However, maritime cyber protection remains a challenge because of specialized devices, systems, and protocols used by maritime companies and also because there was less awareness in the past to cyber risks in this industry," he added.
Ayalon said that several regulators, including an EU directive (NIS2) that imposes personal liability for cyber protection on managers of shipping companies, have already introduced strict maritime security protections.
Marty Edwards, deputy chief technology officer of OT/IoT at cybersecurity company Tenable, recently testified before the U.S. House Homeland Security Committee on securing the water sector. Edwards said in an emailed statement about the order that "granting more authority to the Coast Guard to act will likely help limit the risk of cyber incidents that affect our maritime security."
However, he also cautioned that those responsible for the heightened security measures will need to be "properly resourced" and that their "roles and responsibilities are clear and that these actions are harmonized with other federal cyber policies and regulations."
In a statement to MES Computing, William Diaz, vice president, vertical solution sales at Check Point Software Technologies, said the company "applauds the administration's decision to strengthen our nation's ports, waterfronts and vessels" and that amending EO 10173 "highlights the importance, urgency and vulnerability that we face under an ever-increasing number of sophisticated cyber-attacks."
But he stressed: "This is a great first step in making our perimeter security a priority, but we cannot stop here. The ever-evolving cyber threat requires evolving solutions."
Rob Sheldon, senior director, public policy and strategy at CrowdStrike, said via an emailed statement that it was "good to see additional focus on strengthening maritime and port cybersecurity. There are enormous economic and strategic implications of shipping disruptions, and over the past few years we've seen ransomware groups and nation state actors, like Vanguard Panda, targeting this and associated infrastructure. Yesterday's Executive Order is the latest in a series of government initiatives over the past few years designed to assess and harden critical infrastructure cybersecurity on a sector-by-sector basis—which is a positive trend."
The public sector is a frequent target of hackers. Check Point Research found that in 2023 government organizations experienced nearly 1,600 cyberattacks per week on average.