U.S. President Joe Biden is scheduled to sign an executive order on Wednesday aimed at enhancing cybersecurity in maritime ports, with a focus on developing minimum cybersecurity standards for the marine transportation system, according to Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology.
The executive order aims to empower the Coast Guard to respond effectively to cyberattacks by establishing minimum cybersecurity standards for vessel operators and mandating incident reporting. Neuberger noted that the Coast Guard will issue a notice of proposed rulemaking to formalize these standards for the maritime industry. Additionally, the administration has committed over $20 billion for U.S. port infrastructure over the next five years.
Despite existing cybersecurity risk assessments for port operators initiated by the Coast Guard in 2022, critics argue that the magnitude of cyber risks in maritime operations remains unaddressed. With approximately a quarter of the annual U.S. GDP flowing through maritime ports and the vast majority of imports and exports passing through these ports, the significance of securing maritime infrastructure against cyber threats cannot be understated.
The executive order will grant U.S. Coast Guard port captains authority to manage vessels posing known or suspected cyber threats and require facilities to rectify unsatisfactory cyber conditions that could jeopardize port safety and security, as stated by federal officials. Rear Adm. John Vann, commander of the Coast Guard Cyber Command, emphasized the importance of developing measures to prevent, detect, assess, and remediate cyber incidents.
The order’s provisions come in the wake of cyberattacks targeting maritime infrastructure, such as the 2022 ransomware attack on Expeditors International, resulting in significant operational disruptions and financial losses. Federal disclosures also revealed attempted attacks on the Port of Houston, underscoring the vulnerability of U.S. ports to cyber threats.
Moreover, while acknowledging the presence of Chinese-developed cranes in U.S. ports, Department of Homeland Security officials clarified that there are no immediate plans to replace them with American-made equipment.
