In late June of 2017, AP Moeller-Maersk shut down its container
operations at the Port of Los Angeles. It wasn't due to labor
relations problems, equipment malfunction or other reasons that
have been known to thwart port operations. It was a cyber-attack.
In today's climate of information technology, there's no telling
where hackers lurk or a cyber security compromises may occur. For
the maritime industry and its extended supply chains, the threat
is real and looming.
"At the local Maersk facility in L.A., terminal personnel had to
return to the days of paper and pen to keep cargo moving," says
Jill Taylor, Homeland Security Manager with the Port of Los
Angeles in San Pedro, Calif. "Thankfully, they were able to
recover rather quickly, but there was still a worldwide impact.
If it can happen to Maersk, it can happen to anyone."
This is not the first alert to the cyber security risk posed for
seaports. E. Anthony Incorvati is the Business Development
Manager, Transportation for Axis Communications who provides
network video as security for many commercial facilities. He says
cyber security is a major concern for maritime and port security
today and has been a top priority for the American Association of
Port Authorities Security Council and many Port Authorities and
federal agencies for some time.
"Ports are the economic engines of this country and the world,
meaning any downtime caused by a breach could have a catastrophic
impact on global supply chains," says Icorvati. "While not always
thought of as an early tech adopter, many ports have embraced the
internet of things (IoT). While communications and information
technologies are beneficial for operations, they also open ports
up to being more vulnerable to cyber-attacks than ever before.
Any connected network device being utilized, whether it is for
operational efficiency or better physical security, can create a
cyber security risk. This includes IP cameras, which are normally
seen as fundamental to preventing physical security issues, and
are potential forgotten as possible cyber vulnerability."
Transportation infrastructure is often viewed as a target as it
is a first line in disabling or doing harm to a supply chain. The
effects of such an attack may ripple throughout the commerce that
relies on it. Within transportation infrastructure though,
maritime operations are truly vulnerable. Not only is a cyber
threat part of the problem, but so are further acts of terror.
According to Orange Business Services - a global IT and
communications services provider who has developed the Orange
Maritime Connect single integrated solution platform managing a
shipping fleet, cyber security is a real threat and many maritime
shipping companies are not fully prepared. According to their
research from Futurenautics, 43 percent of crews have sailed on a
vessel that has been compromised by a cyber incident. 90 percent
of mariners had never received any cyber security training or
guidelines. 95 percent of breaches are caused by human errors.
They also cite research stating that ship operators believe that
data traffic will increase by nearly 60 percent over the next 2-3
Great strides continue to be made in using technology to improve
efficiency and reduce costs within ports and shipping. However,
technology often brings increased risks according to Andrew
Beckett, a managing director for Kroll, an information technology
security consultancy, based in London.
"Systems which automate the movement of ISO containers can be
hacked so that the containers are moved to a quiet area of the
docks for the removal of smuggled items or in some cases, the
removal of the entire container before it is processed by
customs," says Beckett. "The ability to access and alter
electronic shipping records, bills of lading, and other
documentation means that it is all but impossible to trace
missing containers. Having CCTV and bar code scanning running on
different, isolated systems provides the ability to collate
records from multiple sources for verification purposes and makes
it harder for illegal activity to go unnoticed. However, too
often, those comprehensive systems are missing."
Jill Taylor also believes the threat may extend beyond a cyber
frontier to acts of terror. She points out those seaports with
cruise terminals have some of the largest gatherings of people
anywhere, with thousands of people embarking and debarking within
a handful of hours inside a relatively small footprint. Taylor
emphasizes that this is a vulnerability be vigilant in by
planning and training.
Her concerns reach further as there is discussion about cutting
off Federal port security grant funding to sanctuary cities. "In
LA, the primary source of funding for our security system is the
Department of Homeland Security's Port Security Grant Program,"
she says. "This funding has been instrumental in our ability to
install layers of security to protect our Port. Since 2002, we
have received over $80 million in Federal grant funding some of
which has been used to prevent and/or mitigate the security
concerns I just mentioned. We have built a Cyber Security
Operations Center, which thwarts over 200,000 attacks per week,
installed over 400 cameras on land and waterside and purchased
Port Police patrol and training vessels. So, cutting off this
funding to ports in sanctuary cities would be detrimental to the
security of our Nation's cargo and economy."
In order to arrest the threats that prevail, it's important to
collaborate with other stakeholders within the intelligence
community. Staying ahead of emergent threats means being aware of
what others are thinking and to know more precisely what your
facility and its location presents as risk.
"Living in a Country like [the] United States there are so many
potential areas of vulnerability," says Michael Graychik, Deputy
Chief, Emergency Management and Operations Group, Los Angeles
Port Police in San Pedro, CA. "We watch and respond to current
threats. We have very frequent communications with our partners
in the intelligence community and strive to stay ahead of
emerging threats. We using training and planning to prepare and
to lessen our exposure to all known threats."
Graychik says that geographic location of their port is of great
concern due to the open space of the California coast, its
un-monitored coastline and the many security challenges it
"Most commercial vessels are tracked and monitored but there is a
threat that exists from smaller unmonitored recreational
vessels," he says. "The small vessel threat is something that has
been discussed within the Maritime Law Enforcement Community for
many years now."
Turning to Technology
New technology is likely to shape the risk equation for all links
in transportation supply chains. Investments in securing maritime
operations are increasing in parallel to the security
vulnerabilities of the marine supply chain infrastructure. With
new technology is a heightened focus on having workforce in place
that is dedicated to security.
The Port [of Los Angeles] Police uses a number technologies and
partnerships to mitigate risks related the physical dimension of
the maritime domain adds Graychick. "We are one of the few public
safety departments that provide a full time contingent of
officers to address our waterside security concerns," he says.
"Our Marine Unit is on the water 24/7, as well as a full time
dive team to address underwater security threats."
He says their patrol boats are equipped with the radiological and
nuclear detection capabilities. Officers use this technology to
passively scan all types of vessels as they transit in and out of
the port. They also scan throughout the port's marinas and along
its 43 miles of shoreline.
"Our Hazardous Material Unit and Marine Unit work with a regional
public safety consortium known as 'Securing the Cities', to
provide random large scale, multi-agency, radiation and nuke
detection operations for both the Ports of Los Angeles and Long
Beach," says Graychick. "Vessel screening is done on a large
scale inside and outside of the port complex."
In a marine environment however, new visual technologies can be a
boon to security efforts. Security cameras are very sophisticated
nowadays and can offer capabilities that go beyond the archaic
vigilance and surveillance we associate with them.
"It is incredible what can be done with surveillance cameras
today," says E. Anthony Icorvati. "They are much more than
cameras and more akin to computers with the processing power to
enable intelligent applications that reside at the edge - or on
For example, thermal cameras have come a long way and are a
must-have technology for maritime security, especially for
perimeters. There are currently solutions available that can work
with thermal cameras to allow for the detection of moving objects
and long ranges with only a couple of pixels on targets needed.
Intelligent software applications can take what is captured by a
thermal camera and optimize it by connecting with a neighboring
PTZ color camera, which can automatically track the object
detected by the thermal camera."
Other technologies aid in the authentication and identification
of those in and around the maritime operations environment.
Icorvati says his firm provides technology in support of worker
validation as newer tools and technology are being used for
verification and validation.
"The Transportation Worker Identification Credential (TWIC) is
something all leaders in the maritime industry should be aware
of. Given that many vessels and ports hold sensitive information
or materials, it is important to ensure they are highly secured
and regulated. It is a regulation enacted by the Maritime
Transportation Security Act, affecting workers who require access
to secure areas of the nation's vessels," he says.
Maritime Security & the Road Ahead
Tools and technology as well as a dedicated task force to bolster
security are crucial. As threats and cyber risk increases it's
important to look to the future and stay focused on what's ahead
for the maritime industry, its infrastructure and the supply
chain it supports from all sides.
"Going forward, cyber will continue to be a hot topic in port
security," says Taylor. "A company can put all necessary barriers
in place to prevent an attack from a foreign country or outside
entity, but still be exposed to the insider threat. Whether it is
an unknowing employee opening up an infected email, or a
disgruntled employee inserting a malicious thumb drive, there are
numerous ways the network can be exposed to a virus from the
inside. Security professionals know we cannot be complacent and
this is particularly true with cyber. The message for proper
cyber hygiene has to be circulated over and over again to
employees at all levels within a company and protocols need to be
enforced regarding the use of external devices. Information
technology is ever evolving and the next cyber disaster could be
just a click away."
Icorvati also posits that the newfound utility of data security
from information technology is a growing concern. The Internet of
Things (IoT) and the opportunity it presents in extracting data
and using it, is a source of concern for maritime security in the
"The focus will be on connected devices, whether it is learning
new ways to utilize connected devices for improved operational
efficiency or physical security, it will continue to remain a
priority," he says. "As with most industries today, IT and
physical security managers will continue to work more closely to
help ensure that the entire entity is protected. With hackers
becoming even more advanced, the access they can gain from an
unprotected internet protocol (IP) camera to not only data, but
other connected devices, can be disastrous."
Nick Doyle, a managing director with Kroll in London adds that
the design and integration of complex and innovative systems,
alongside effective cyber, crisis management, and business
continuity plans, will likely find their way into many, if not
all, ports within the next three to five years. This will help
ensure that ports are prepared to manage and respond to a diverse
range of potential business impacts. He smartly points out that
on the day of 9/11, U.S. airports remained closed. But after five
hours ports were being reopened as the authorities realized how
critical they are.
As attacks - both physical and cyber - continue to rise, maritime
infrastructure must be riveted on reliable security measures.
Says Icorvati: "While many ports are considering the cyber
security ramifications currently, over the next few years as
attacks continue to rise and physical security improves, it will
become the forefront of safety and security."