Maritime Industry Faces Increasing Cyber Threats
The Port of Nagoya, one of Japan’s busiest ports, was targeted by a cyber attack involving LockBit 3.0 ransomware in early July. This attack disrupted the port’s operations, specifically its ability to load and unload containers from ships. Nagoya Port is a crucial hub for Japan’s automobile exports, and the incident impacted the imports and exports of companies like Toyota.
The attack was initiated when an employee was unable to start a computer, leading to a ransom note demanding payment for system access restoration. LockBit 3.0 is a type of ransomware that infiltrates and encrypts sensitive data. While some media outlets have referred to “LockBit” as the name of the hacking group, it is actually an affiliate-based ransomware variant that can be obtained and utilized by any group. The port’s work resumed on Thursday evening, following a four-day interruption. The local police have initiated an investigation into the incident.
The maritime shipping and logistics industry plays a vital role in global trade, but it also faces significant cybersecurity risks, as highlighted by this latest incident and others like it. In January, DNV, an Oslo-based ship classification society, experienced a ransomware attack affecting thousands of vessels. The Port of Lisbon also fell victim to a ransomware attack in December, underscoring the industry’s susceptibility to such threats and reminding stakeholders of the importance of proactive measures to prevent cyber attacks and mitigate their impact.
Amidst these growing concerns, U.S. cybersecurity experts are advocating for increased maritime cybersecurity measures. A report published as part of the Cyberspace Solarium 2.0 initiative emphasizes the establishment of a maritime operational technology supply chain testing capability. Like the Department of Energy’s CyTRICS program, this initiative would enable the Cybersecurity and Infrastructure Security Agency (CISA) to probe the security of maritime equipment. The United States Coast Guard and CISA’s National Infrastructure Simulation and Analysis Center already collaborate closely, offering a foundation for the creation of a test bed program for maritime technology. This program could begin by assessing cybersecurity vulnerabilities in foreign-manufactured cranes in U.S. ports, as mandated by the National Defense Authorization Act (NDAA) of fiscal year 2023. Subsequently, the scope can expand to address broader, systemically important maritime OT.
As the maritime shipping and logistics industry faces mounting OT cybersecurity risks and looks more carefully at oversight from governments around the world, it is imperative for organizations to adopt a proactive and comprehensive approach to protect their critical systems.
Leading Terminal Operator Partners with Dragos to Improve Maritime Cybersecurity
Dragos recently published a case study demonstrating how a leading container terminal operator partnered with us to enhance their OT cybersecurity posture.
Several years ago, a prominent container terminal operator recognized the significance of OT cybersecurity and proactively prioritized the protection of its OT systems. Understanding the potential consequences of cyber threats, this company deployed Dragos technology and expertise across its enterprise to ensure the uninterrupted flow of cargo and maintain the safety and reliability of its operations. As a result, the company has fortified its environments, improved threat visibility, and developed effective incident response capabilities.
Learn more about how the team strengthened their defenses, safeguarding their operations and ensuring the secure and uninterrupted flow of global trade – download the case study today.
Maritime Terminal Operator Improves OT Security
Ready to put your insights into action?
Take the next steps and contact our team today.