2023-002-Worldwide-Maritime Port Vulnerabilities - Foreign Adversarial Technological, Physical, and Cyber Influence
- Issue: This Advisory seeks to alert maritime stakeholders of potential vulnerabilities to maritime port equipment, networks, operating systems, software, and infrastructure. Maritime ports, facilities, and infrastructure, worldwide, are vulnerable to physical and cybersecurity exposure through foreign adversarial (defined in the Office of the Director of National Intelligence’s (ODNI) 2022 Annual Threat Assessment – and linked in references) access to port equipment and supply chain information management systems. Specifically, proprietary foreign adversarial companies manufacture, install, and maintain port equipment that pose potential vulnerabilities to global maritime infrastructure information technology (IT) and operational technology (OT) systems. In the last few years, the U.S. Government has published several documents (see paragraph 4 below) illuminating the risks associated with integrating and utilizing LOGINK, NucTech scanners, and foreign port cranes.
- Guidance: Potentially impacted maritime industry stakeholders should apply cybersecurity best practices for Access Control (identity and access management), vulnerability mitigation, and configuration management, and should:
- Posture themselves to increase their cybersecurity and cyber resiliency to respond to and report any incidents that could inhibit the ability to continue operations.
- Improve their knowledge of how port equipment is integrated into their port network to mitigate potential vulnerabilities.
- Stress the importance of understanding and knowing who maintains access to the foreign maritime technology throughout their port or facility.
- Be wary of untrusted network traffic. Treat all traffic transiting your network – especially third-party traffic – as untrusted until it is validated as being legitimate.
- Ensure infrastructure operational resiliency, regarding system security, as well as the ability to maintain equipment and sourcing for critical parts and upgrades.
- Contact Information: Maritime stakeholders who discover a compromise or suspicious activity within the Marine Transportation System (MTS), or OT/IT assets should contact:
- U.S. Coast Guard National Response Center: 1-800-424-8802
- Cybersecurity and Infrastructure Security Agency (CISA) Central: 888-282 0870 or firstname.lastname@example.org
- FBI’s Cyber Division: 855-292-3937 or CyWatch@fbi.gov
- Department of Homeland Security (DHS)/Cybersecurity and Infrastructure Security Agency (CISA) - Port Facility Cybersecurity Risks: www.cisa.gov/sites/default/files/publications/port-facility-cybersecurity-risks-infographic_508.pdf
- National Security Agency (NSA), ODNI, and DHS/CISA - Developers Recommended Practices Guide for Securing the Software Supply Chain 1 Enduring Security Framework: media.defense.gov/2022/Sep/01/2003068942/-1/-1/0/esf_securing_the_software_supply_chain_developers.pdf
- U.S. - China Economic and Security Review Commission - LOGINK: Risks from China’s Promotion of a Global Logistics Management Platform: www.uscc.gov/sites/default/files/2022-09/LOGINK-Risks_from_Chinas_Promotion_of_a_Global_Logistics_Management_Platform.pdf
- Federal Register - Entry on the Entity List (NucTech) : https://www.federalregister.gov/documents/2020/12/22/2020-28031/addition-of-entities- to-the-entity-list-revision-of-entry-on-the-entity-list-and-removal-of-entities
- U.S. – China Economic and Security Review Commission 2022 Annual Report to Congress: https://www.uscc.gov/annual-report/2022-annual-report-congress
- Federal Bureau of Investigation (FBI) - Worldwide Threats to the Homeland: https://www.fbi.gov/news/testimony/worldwide-threats-to-the-homeland-111522
- H.R.7776 - James M. Inhofe National Defense Authorization Act for Fiscal Year 2023 (Section: 3529) : ouse-bill/7776/amendments?s=3&r=22&q=%7B"search"%3A%5B"National+Defense+Authorization+Act"%2C"National"%2C"Defense"%2C"Authorization"%2C"Act"%5D%7D
- ODNI - 2022 Annual Threat Assessment of the U.S. Intelligence Community (Pages 7 and 8): www.dni.gov/index.php/newsroom/reports-publications/reports-publications-2022/item/2279-2022-annual-threat-assessment-of-the-u-s-intelligence-community
- 2022 Annual Report to Congress (Page 317): https://www.uscc.gov/sites/default/files/202211/2022_Annual_Report_to_Congress.pdf
- Cancellation: This advisory will automatically expire on August 16, 2023.
For more information about U.S. Maritime Alerts and Advisories, including subscription details, please visit www.maritime.dot.gov/msci/maritime-security-communications-industry-msci-web-portal