Are Ports Prepared To Deal With Threats From Hackers?

The most serious cyberattack in the history of the maritime sector occurred in June 2017. The largest container transport company in the world, Maersk, was the victim of a computer attack which prompted losses of around 250 million euros and had a profound effect on the logistics chains of hundreds of thousands of clients. Back in 2015, transportation was the fifth-most attacked industry according to the IBM 2016 Cyber Security Intelligence Index. However, European ports only began to invest in cybersecurity three years ago. Are they really prepared to deal with the threats posed by hackers?

Posted on 04.06.2018
La ciberseguridad es uno de los mayores retos de la industria naviera. Imagen de Patryk Grądys Cybersecutiry is one of the biggest challenges for the maritime sector. [Image: Patryk Grądys /]
The SMM Maritime Industry Report (MIR)  states that 80% of the leaders in the shipping industry believe that cybersecurity is an “important” or “very important” issue, but not all ports are equally poised to deal with this kind of cyberattack. While American and Asian ports are keenly aware of this issue and allocate a significant portion of their budgets to protecting against cyberattacks, in Europe the concern with cybersecurity is more recent. Incidents like the one with Maersk or the ones suffered by the ports of Antwerp and Rotterdam in 2011 and 2013 have helped raise awareness of the importance that this issue should be given in ports, yet there is still a great deal of work to be done. According to the Administrator of Systems and Projects at Port of Barcelona, Cristian Medrano, the first thing we should learn from this kind of incident is that no one is immune. Measures like creating new jobs focused on cybersecurity can yield positive results. Indeed, the Port of Rotterdam has already appointed a Port Cyber Resilience Officer (CRO) whose mission is to boost the port’s cybersecurity, raise awareness of cybersecurity problems, boost the skills level of organisations and develop risk management. The goal is to adopt a centralised, structured approach to cyber-resistance and to get the port partners involved in this knowledge and experience.  
The SMM Maritime Industry Report (MIR)  states that 80% of the leaders in the shipping industry believe that cybersecurity is an “important” or “very important” issue.

The challenges posed by cybersecurity

According to Cristian Medrano, that ports have to deal with four main cybersecurity challenges.

Getting one step ahead of cybercriminals. Every day, all ports receive dozens of attacks, meaning vulnerability scans in their public IPs. However, the truly worrisome attacks are those that are unseen. In Medrano’s opinion, the best strategy for dealing with this kind of attack is to be prepared. “The only protection”, he says, “is to be one step ahead of the criminals, to find and solve the vulnerabilities before they do”, although we cannot forget that complete security is impossible. “At some time, your organisation is going to undergo a successful attack”, says the head of cybersecurity at Port of Barcelona, “so your goal is to be as prepared as possible for when this attack happens”. The best way to be prepared is having set protocols for each kind of cyberattack and for both the IT Systems department and security workers, as well as facilities users, so they know how to act in the event that this kind of attack occurs. Educating staff on the importance of following rules and practising with them frequently is the most effective recipe.

Cybersecurity should grow at the same pace as the implementation of digital services. American and Asian ports are keenly aware of this, and this is why they began adopting measures before their European counterparts and act like private enterprises. “The Port of Los Angeles, for example, has an impressive infrastructure devoted to cybersecurity”, says Medrano. In his opinion, “the digital transformation is a huge opportunity: if we manage to make cybersecurity yet another element in this transformation, the cultural shift it is making us undergo can be harnessed to implement cybersecurity measures in a cross-cutting fashion, and they will be fully accepted by all the stakeholders involved”.

The technological environment that characterises modern ports poses a greater risk of cyberthreats and therefore the need to maximise protection. Not only can cybercriminals attack from multiple entry points, but the interdependence of systems and electronic devices, the relative ease and profitability of successful attacks and the difficulty of identifying the culprits contribute to increasing this kind of attack. According to Medrano, “security should increase as the range of digital services does”.

The best way to be prepared is having set protocols for each kind of cyberattack. Educating staff on the importance of following rules and practising with them frequently is the most effective recipe.
The governance of port cybersecurity. To deal with this challenge, Port de Barcelona launched the Technical ICT Security Office (OTS). “The creation of the OTS has helped us go from reacting to security incidents to preventing them”, says its head. Also, in order to minimise the risks to the utmost, it decided to incorporate SIEM (an information and event management system) into the Cybersecurity Plan in order to have a real-time picture of all the activity of the port’s systems. Thanks to all of these changes, it has managed to develop a cybersecurity plan aligned with the port’s overall strategy, to improve the security in its IT systems and applications, to have cybersecurity support for new developments, to raise employees’ awareness, to permanently manage security in both a preventative and reactive way, and to apply clearly defined security policies.   Areas analyzed to evaluate the status of cybersecurity. Source: Penteo The cultural shift in port organisations. The most complicated part of launching a cybersecurity system is the cultural shift in port organisations. “When we began to think about this issue”, says Medrano, “it seemed like it was something on the perimeter, like we were talking about putting up a fence. Currently people are aware that they are measures that should permeate all levels: from the workers to the applications, developments and ways that users use the applications. However, this entails a profound change; the goal is to change the corporate culture”. It is common knowledge that technology advances much more quickly than people do, but it is also clear that there is no alternative and cybersecurity is essential in the interconnected world in which we now live.