Cybersecurity Considerations for the Digitalization of Maritime Supply Chains – Homeland Security Today
A new report by the World Bank and the International Association of Ports and Harbors (IAPH) shows that better digital collaboration between private and public entities across the maritime supply chain will result in significant efficiency gains, safer and more resilient supply chains, and lower emissions.
Maritime transportation carries over 90% of global merchandise trade, totaling some 11 billion tons of cargo per year. The organizations say digitalizing the sector would bring wide-ranging economic benefits and contribute to a stronger, more sustainable recovery.
Accelerating Digitalization: Critical Actions to Strengthen the Resilience of the Maritime Supply Chain describes how collaborative use of digital technology can help streamline all aspects of maritime transport, from cross-border processes and documentation to communications between ship and shore, with a special focus on ports.
The COVID-19 crisis has evidenced a key benefit of digitizing waterborne and landside operations: meeting the urgent needs to minimize human interaction and enhance the resilience of supply chains against future crises.
“In many of our client countries, inefficiencies in the maritime sector result in delays and higher logistics costs, with an adverse impact on the entire economy. Digitization gives us a unique chance to address this issue,” noted Makhtar Diop, World Bank Vice President for Infrastructure. “Beyond immediate benefits to the maritime sector, digitalization will help countries participate more fully in the global economy, and will lead to better development outcomes.”
IAPH Managing Director of Policy and Strategy, Dr Patrick Verhoeven, added: “the report’s short and medium term measures to accelerate digitalization have the proven potential to improve supply chain resilience and efficiency whilst addressing potential risks related to cybersecurity. However, necessary policy reform is also vital. Digitalization is not just a matter of technology but, more importantly, of change management, data collaboration, and political commitment.”
Although the International Maritime Organization (IMO) has made it mandatory for all its member countries to exchange key data electronically (the FAL convention), a recent IAPH survey reveals that only a third of over 100 responding ports comply with that requirement. The main barriers to digitalize cited by the ports were the legal framework in their countries or regions and persuading the multiple private-public stakeholders to collaborate, not the technology.
The report analyzes numerous technologies applied already by some from the world’s leading port and maritime communities, including big data, the internet of things (IoT), fifth-generation technology (5G), blockchain solutions, wearable devices, unmanned aircraft systems, and other smart technology-based methods to improve performance and economic competitiveness.
But cybersecurity must not be overlooked in an eagerness to digitalize. According to London-based company Astaara, there has been a fourfold increase in cyberattacks in the maritime industry since February 2020. The Port of Los Angeles, the busiest container port in the United States, has seen a 50 percent increase in unauthorized intrusion attempts since the beginning of the pandemic. Other ports around the globe also report increased cyberthreat activity.
In addition, the report warns that cyberthreat actors “try to exploit port facilities as a one-to-many cyberthreat vector to port community stakeholders, potentially exposing third parties operating in the terminal environment, including terminal operators, port authorities, customs officials, chandlering companies, agents, vendor representatives, and many others”.
And inevitably, the more network-enabled devices are deployed (for example for cargo management), the more port communities and the maritime industry overall become vulnerable to exploitation by a wide range of threats. A threat actor gaining unauthorized access to a terminal operating system could misdirect cargo container assignments, change bill of lading data to minimize the possibility of customs inspections to enable smuggling, or modify scheduling information to facilitate illicit (but authorized) physical entry to a facility. Compromised video monitoring systems can also be manipulated to deceive security personnel and enable threat actors to gain entry to restricted areas.
The report recommends the five-step cybersecurity framework developed by the National Institute of Standards and Technology to reduce cyber risks to critical infrastructure. The framework has become widely accepted as a tool that can help manage and reduce risks related to cyberthreats and focuses on five separate critical functions needed to increase cyber resilience: identify, protect, detect, respond, and recover.
According to the World Economic Forum, economic loss owing to cybercrime is predicted to reach US$3 trillion in 2020, representing 3.4 percent of global gross domestic product. In order to develop collaborative approaches and enhance cooperation between their public and private sector stakeholders, IAPH and the World Bank say port communities must not only initiate but, crucially, expand the cybersecurity dialogue within and between port communities; and that these conversations must be grounded in financial terms.
(Visited 400 times, 1 visits today)