International. Alexei Pinal, OT Cybersecurity Regional Sales Director of Nozomi Networks indicated that the maritime industry is increasingly relying on devices connected to the network, a phenomenon that places it in the crosshairs of cybercriminals, who have seen a lucrative opportunity to perpetrate their attacks.
In general, for Nozomi Networks "the maritime sector has transformed its operations to an increasingly technological environment, which has brought improvements in efficiency, but they have also increased the cyber risk of the sector". Hence, the company launched an alert about the threats that could cause disruptions of activities in seaports and the importance of implementing solutions and preventive measures to protect against attackers.
For his part, Alexei Pinal, said that "the port infrastructure has undergone a rapid digital transformation, which includes the incorporation of OT systems (operational technology) with which systems such as cargo handling and management, power supply control, access controls and video surveillance, to bulk storage, reception and distribution of goods are controlled. among many other things. Each of these activities could represent a critical cybersecurity breach if not properly protected."
The evolution of this industry has exponentially increased the risks in port operations, and can even compromise the lives of operators and passengers, which represents an opportunity for cyberattackers. Maritime organizations should initially consider
Below is a list of practices that Nozomi indicates for compliance with maritime safety requirements:
- Conduct cybersecurity assessments.
- Determine cybersecurity maturity levels.
- Execute technology and risk audits, asset inventory and vulnerability assessments.
How does cybersecurity bring to port OT systems?
Specialized solutions and preventive measures have been developed to protect against cyberattackers, along with the implementation of a solid cybersecurity program that accompanies an assessment of vulnerabilities and risks on an ongoing basis. In this way it is possible to have all the technological assets of the ports and ships monitored under a complete, safe and updated scheme.
Likewise, the operational visibility of the network is another important point to take into account, since it is essential to strengthen OT cybersecurity in ports. Thanks to continuous and automatic inspection, operators have the ability to quickly identify and respond to cyber incidents. Constant monitoring of systems and network traffic can detect unusual patterns or malicious activity, triggering alerts about common attacks such as ransomware and DDoS.
What happens when you don't think about maritime cybersecurity?
In the last two years, there were two relevant cases in which port operations were compromised by cyberattacks and increased the attention that should be paid to this type of incident.
One was the case of Sea-Invest, in which the global operator of port terminals for the transit of bulk goods, was forced to stop its operations due to a cyberattack at the beginning of 2022; and the other was the incident at the port of Lisbon, in Portugal, where sensitive data for its operation were compromised, such as cargo information, ship records, port documentation, among others, in exchange for a large sum of money requested by the attackers.
According to a 2021 OAS report and according to IHS World Trade Service, maritime trade amounts to approximately $3.75 trillion, and the combined economic value of port activities is much higher. In Latin America this sector has a great value for industry and tourism, as it has a large number of ports and facilities for the development of global maritime routes and intercontinental trade from countries such as Panama, Brazil, Mexico, Colombia, Chile and the Caribbean islands.
Alexei Pinal concluded that "it is important that operators in this industry are aware of the risks and threats they face in their day to day, to build a complete and efficient protection strategy for critical infrastructure throughout the region. Governments and companies in charge of maritime processes must take optimal measures that include the identification and assessment of risks, the implementation of adequate access controls and the constant monitoring of assets in ports and ships, such as network segmentation or multifactor authentication."
Leave your comment