President Joe Biden signed an executive order and issued a federal rule on Wednesday in an effort to strengthen the security of the nation’s ports against potential cyber threats.

The government is creating a list of cybersecurity rules that all port operators in the country must follow, similar to safety regulations that aim to protect individuals and structures from harm or destruction.

Anne Neuberger, the deputy national security adviser at the White House, emphasized the importance of implementing equivalent standards for cyber threats. This is crucial as cyberattacks have the potential to cause even more destruction than natural disasters or physical attacks.

According to Neuberger, ports across the country employ approximately 31 million individuals and contribute $5.4 trillion to the economy. However, they could face potential vulnerability to cyberattacks like ransomware. To combat this, a standardized set of requirements has been implemented to safeguard against such threats.

The federal government is placing emphasis on updating the protection of essential infrastructure such as power grids, ports, and pipelines as they are becoming more reliant on online management and control. Currently, there are no universal standards in place for operators to follow in order to defend against potential online attacks.

The danger is increasing. Aggressive actions in the digital world – such as espionage and the deployment of harmful software to infect and disrupt a nation’s basic systems – have become a defining characteristic of current global competition.

In 2021, the largest fuel pipeline operator in the country was forced to temporarily stop operations when it was targeted by a ransomware attack. This type of attack involves hackers holding a victim’s data or device for ransom in exchange for payment. The company, known as Colonial Pipeline, ended up paying $4.4 million to a group of hackers based in Russia. However, the Justice Department was able to retrieve a significant portion of the money later on.

Even ports are at risk. In Australia, a cyberattack last year caused a major port operator to halt operations for three days.

According to Admiral John Vann, who leads the U.S. Coast Guard’s cyber command, approximately 80% of the large cranes utilized for loading and unloading cargo from ships at U.S. ports are imported from China and operated via remote control. This makes them susceptible to potential attacks.

In the previous month, authorities in the United States reported that they had intervened in a Chinese government-supported attempt to implant malicious software that could potentially harm civilian infrastructure. Vann expressed apprehension about this type of potential attack as officials worked towards implementing new regulations, and also expressed concern about the potential for criminal actions.

The upcoming regulations, which will undergo a period of public input, will apply to all port operators and non-compliance will result in enforcement measures, although the specific consequences have not been specified by officials. These regulations mandate that port operators report any cyberattacks they experience to the appropriate authorities. Additionally, the Coast Guard, responsible for overseeing the country’s ports, will now have the authority to address cyberattacks.

Source: wral.com