Tech Ports at risk of cyber attack JohnSeptember 19, 20220101 views Evidence shows that the world’s major ports are gradually returning to their pre-pandemic busyness. The value of U.S. international freight increased by 22% between January and November 2021 compared to January-November 2020. Freight growth means more ships are calling at ports. And it’s not just the number of ships docked that has increased, but the length of time each ship is parked. It is estimated that the average dwell time of container ships in the 25 largest container ports in the United States in 2020 is 28.1 hours. In the first half of 2021, the average dwell time of container ships increased to 31.5 hours. While the port boom is undoubtedly exciting, the increased number of ships calling in has also brought new challenges. The longer a ship is docked, the more vulnerable a port is to cyberattacks. Cyber Risks for Ships The maritime industry is particularly vulnerable to cyber incidents. Vessel operations and leasing involve multiple stakeholders, often resulting in a liability vacuum for IT and OT system infrastructure and vessel networks. These systems may rely on outdated operating systems that are no longer supported and cannot be patched or run antivirus detection. Moreover, the threat is expected to continue to grow. Critical ship infrastructure related to navigation, power and cargo management has become increasingly digitized and increasingly reliant on the Internet for a variety of legitimate activities. The growing popularity of the Industrial Internet of Things (IIoT) will also increase the attack surface of ships. Common ship network vulnerabilities are as follows: ● Unsupported outdated operating systems ● Unrepaired system software ● Outdated or missing antivirus and malware protection ● Insecure shipboard computer network ● Continuous connection of critical infrastructure to shore ● Inadequate access controls to third parties such as contractors and service providers ● Insufficiently trained and/or technically ill-trained staff on cyber risks Chaotic waters? Maritime cybersecurity has become a major issue affecting ports around the world. According to Naval Dome, cyberattacks against maritime transport increased by 400% in 2020. The periodic sending of shipping documents via email, or the upload of documents through online portals, or other communications with marine terminals, stevedores and port authorities are all digital interactions between docked ships and shore-based operations and service providers. Cybersecurity risks are especially problematic for global ports due to the frequent need for such digital interactions. For example, many port authorities require foreign ships calling at their ports to complete port state control (PSC) investigations. Among other activities, the investigation was to verify several ship certificates and some 40 different documents required by international maritime authorities. Where is the danger? The port has no choice but to accept the ship’s documentation. Refusal to accept these documents would mean lost revenue for ports and blockages in otherwise smooth supply chains. File sending must continue. But the threat of file-bearing poses a major challenge to the port. Malware is designed to surreptitiously access or damage a computer without the computer owner. Hackers embed malicious code in seemingly innocuous files. Once the files are opened, the malware executes automatically, giving hackers access to valuable data or causing damage to the maritime industry. Many of these threats first hit ships through email phishing scams: tricking employees into opening emails and clicking on malicious links or attachments, or uploading malicious documents to web portals. Such “hacking operations” often exploit vulnerabilities in the ship’s network to reach the ship’s partners, such as ports, through the ship. ConclusionAs a result, data breaches harm even security vendors, much alone regular businesses and individuals. As a result, our companies and individuals must take proactive efforts to safeguard data. Data can be backed up for disaster recovery to prevent all threats. Data protection software is now widely available and simple to use. Consider the popular virtual machine backup method. Virtual machines may run many operating systems at the same time, conserving both real and virtual resources. Virtual machine backup systems such as VMware Backup, RHV backup, Xenserver Backup, Hyper-V Backup, and others are now commonly used.