HLSS645

Please Follow directions or I will dispute 

Please answer original forum with a minimum of 250 words and respond to both students separately with a minimum of 100 words each 

Page 1 Original Forum with References 

page 2 Lyle response with references 

page 3 Heath response with references 

Original Forum 

What aspect of Maritime Cyber Security concerns you the most? What type of cyber events would have significant impact on the day to day operation of a port?

Student response 

lyle

           The most concerning for me are the malware that can cause damage in the physical world and possibly kill people, such as the Triton attack on the Saudi critical infrastructure (Giles, 2020). I do think these types of attacks are less likely to happen in the U.S. unless we are in a full conventional war with another country. However, even attacks that are not that malicious can have a serious impact. They dont need to control the ports or remotely control the ships to cause harm. All they need is to cause enough problems where the port computers are not able to function and it takes weeks for computer experts to get them back up and running. 

           Just a few weeks of the Los Angeles / Long Beach port being shutdown would hurt the economy bad. These types of attacks we have seen at places like hospitals, where they simply lock everyone out from being able to use the computers and then demand money (Balakrishnan, 2016). They dont need to control machinery in the hospitals or anything crazy like that, they just need to lock the computers. If the cranes, shipping containers and everything involved at the port are run on computers, then locking everyone out of them would shut the port down. This is the most likely scenario in a cyber-attack. 

           I think the more malicious types of malware that are designed to explode a facility will be saved for other targets that make are large explosion such as a fuel facility. However, LNGs could be targeted with this type of malware with devastating effects if it was detonated in a port. Most likely we will see an attack that takes the computers offline before we see an attack that is meant to explode an LNG in the port. I believe that only state-actors can conduct an attack like Triton or Stuxnet and not terrorists. No country now wants the retaliation from the U.S. if they were to blow up an LNG which would likely end up in full scale war, so they will likely stick with things that costs us money. 

Balakrishnan, A. (2016, February 17). The hospital held hostage by hackers. CNBC. https://www.cnbc.com/2016/02/16/the-hospital-held-hostage-by-hackers.html. 

Giles, M. (2020, April 2). Triton is the world’s most murderous malware, and it’s spreading. MIT Technology Review. https://www.technologyreview.com/2019/03/05/103328/cybersecurity-critical-infrastructure-triton-malware/.

Heath

It is difficult to say whether any one aspect of maritime cyber security is the most vulnerable and therefore the most susceptible to attacks or that there is any one aspect that worries me the most. There are too many vulnerabilities in the maritime industry that can affect daily operations. According to the Department of Homeland Securitys Cybersecurity and Infrastructure Security Agency, there are six main components of port operations at risk. The general facility access like the gates where personnel, vehicles and cargo enter the port where disruptions can cause congestion and slow operations. The terminals headquarters, specifically the data storage where information on ships, cargoes, clients are stored and could be manipulated in order to smuggle or evade taxes. The terminal headquarters specifically a ransomware attack that would hold the port hostage and disrupt operations. The operational technology systems that actually run the port like cargo handling equipment, pumps, and communications which could result in safety hazards, physical damages to the facility, and the disruption of general operations. Positioning, Navigation, and Timing that could cause ships to drift off course, cause collisions, block a navigation channel, or release a hazardous material. Similarly, the vessels themselves are at risk of being physically accessed, ransomed, data manipulated, or even lost entirely (DHS, 2020). 

I think the biggest threats to ports stem from criminal activity, those seeking direct financial gain through ransomware, and a physical attack from non-state actors. As Joel Snape points out in his article in the Maritime Executive, these groups have little to lose and everything to gain by their actions (Snape, 2021).

-Heath

Source(s):

DHS. (2020, December). Port Facility Cybersecurity Risks Infographic. Cybersecurity and Infrastructure Security Agency CISA. https://www.cisa.gov/publication/port-facility-cybersecurity-risks.

Snape, J. (2021, March 9). There’s No Margin for Error in Port Cyber Security. The Maritime Executive. https://www.maritime-executive.com/editorials/there-s-no-margin-for-error-in-port-cyber-security.