1. Section

x. Cybersecurity and Ports

The diffusion of information technologies for communication, managerial, and operational considerations has been enduring across the maritime industry. The benefits of digitalization are far-reaching, but characteristics inherent to information technologies, such as digital network access and connectivity, have opened the door to a new range of vulnerabilities and risks. The growing level of digitization and reliance on information systems open opportunities for cyber-related disruptions at ports. Cybersecurity has wide ramifications on supply chains and has mobilized market players to increase protective and mitigating measures.

Cybersecurity is the protection of information technology systems (hardware and software) and their infrastructure from unauthorized access, misuse, and damage.

Data integrity and privacy challenges and risks have soared with the rise of digitalization, the amount of information processed and stored, and interconnected information networks. The logistics, shipping, and port industry is challenged to safeguard the data being communicated across players since data sharing is at the core of digitalization. Failure to protect data hampers the digital revolution as this represents a risk not only for the end customers but also for the suppliers. There are three main dimensions of data cybersecurity:

Confidentiality. Information technologies, including the data they contain, should be accessible only to authorized personnel. There are different layers to confidentiality, ranging from public access (such as a company informational web page) to restricted information (such as financial accounts) only available to key employees in upper management.
Integrity. The information stored and distributed through information systems must be protected from any unauthorized modification or deletion. This implies that data version monitoring and backup systems allow the information to be reverted.
Availability. The information must be made available to its users at the moment they need to access it. Telecommunication systems, such as Wi-Fi, can be compromised and disrupted, impairing operations. Network redundancy allows for mitigating potential disruptions.

If information confidentiality, integrity, and availability are secured against cyberattacks, a level of cyber resilience can be achieved. Ports and the maritime industry are being increasingly targeted, with cyberattack growth rates in triple digits since 2017. The causes of cybersecurity breaches can be intentional or unintentional, such as an employee error (losing a laptop or a storage device that can be retrieved by others). The consequences are multidimensional, ranging from data theft to operational disruptions that impact carriers and cargo owners. The cyber resilience of a number of ports is perceived to be in question for three main reasons:

Labor and skill issues. The port and maritime industries are competing for IT talent with other industries. Since this sector is less known than other high-visibility sectors, such as finance, recruitment is more challenging. Further, as port terminals are converting to digital technologies, the operational and managerial workforce needs to be trained with new sets of skills.
Software development. Several information technologies in the port and maritime sector rely on software and technologies that can be considered “legacy” and not designed in circumstances where cybersecurity is an issue. Some terminals use in-house software that is particularly prone to vulnerabilities. Further, software development can be undertaken by third parties, which can be subject to risks such as back-doors.
Terminal infrastructure. A port terminal, particularly a container terminal, is composed of a multiplicity of information technologies, automated assets, and telecommunication networks that each represent a potential point of entry for a cyberattack. Terminal infrastructure, including ship-to-shore cranes, gantries, and even trucks, rely on software to operate. Commonly, terminal equipment is manufactured by a foreign entity to the terminal operator, and the software component is also part of the equipment. So, the purchase and installation of terminal equipment can represent a cybersecurity risk.

In recent years, several market players have been confronted with large-scale cyberattacks. For example, in 2017, a ransomware cyber-attack infected Maersk Line and its sister terminal company, APM Terminals. In the same year, the “WannaCry” ransomware attack caused gridlock at FedEx, a major logistics services provider, as the contents of thousands of its networked computers were encrypted. In 2020, the Port of Shahid Rajaee (Iran) was the victim of a cyberattack that resulted in the shutdown of the computer infrastructure controlling cargo, vessels, and vehicle movements in the port. Cybersecurity issues have become central to the resilience of contemporary ports as they represent an entirely new set of risks.