Maritime cargo facilities say they are open to a new Biden Administration policy that would improve cybersecurity protections at U.S. ports through steps including a move to incentivize the domestic manufacturing of container cranes instead of using imported material handling equipment.
The policy comes in the form of a White House executive order that is focused on the emerging vulnerabilities of maritime supply chains that increasingly rely on networked digital systems instead of logbooks and phone calls.
One way the new policy would address that issue is to provide financial incentives for U.S.-based companies to build the colossal cargo cranes that shuttle shipping containers between box ships and cargo ports. In a press conference, White House officials said that the Chinese-made cranes currently installed at most U.S. cargo ports pose a risk of espionage since hackers could tap into their networked sensors to monitor details of cargo port operations.
“The People’s Republic of China-manufactured ship-to-shore cranes make up the largest share of the global market and account for nearly 80 percent of cranes at U.S. ports. By design, these cranes may be controlled, serviced, and programmed from remote locations. These features potentially leave PRC-manufactured cranes vulnerable to exploitation,” Rear Admiral John Vann, who is the Commander of U.S. Coast Guard Cyber Command, said in a release.
To address that safety gap, the White House announced a plan to fund the domestic manufacturing of that equipment, according to a statement from Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technologies. “The administration is also excited to announce that we will invest over $20 billion into U.S. port infrastructure over the next five years through the President’s Investing in America agenda,” Neuberger said. “As part of that, PACECO Corporation, a U.S.-based subsidiary of Mitsui E&S, is planning to onshore domestic manufacturing capacity for American and Korean production for the first time in 30 years, pending final site and partner selection.”
Another aspect of the new focus on cyber security is a “notice of proposed rulemaking” that would add regulations specifically focused on establishing minimum cybersecurity requirements for certain vessels, equipment, and facilities, according to the U.S. Coast Guard. “This proposed rule would help to address current and emerging cybersecurity threats in the marine transportation system,” the Coast Guard said in a release. “The maritime industry is undergoing a significant transformation that involves increased use of cyber-connected systems. While these systems improve commercial vessel and port facility operations, they also bring a new set of challenges affecting design, operations, safety, security, training, and the workforce. This proposed rule would help to address current and emerging cybersecurity threats in the marine transportation system.”
Early support for the White House action came from the American Association of Port Authorities (AAPA), which said the maritime industry is ready and willing to support the policy. In fact, the new approach is closely aligned with an existing AAPA legislative proposal called the Crane Reshoring and National Enforcement of Supply Chain Security (CRANES) Act, which would offer financial support for local crane building through a similar approach to how Congress' CHIPS Act seeks to boost domestic semiconductor production. “America’s ports work closely with our federal partners to maintain the highest possible standards of physical and cybersecurity,” AAPA President and CEO Cary Davis said in a release. “We welcome and applaud President Biden’s actions which further empower the Coast Guard to keep our ports safe along with the Administration’s efforts to build out domestic manufacturing capacity for key equipment.”
Additional support came from the Florida cruise, cargo, and naval facility Port Canaveral, which said it welcomed the White House executive order to create cybersecurity regulations for U.S. ports. “Maritime cybersecurity requires constant and consistent efforts for ports,” Capt. John Murray, Port Canaveral CEO, said in a release. “Port Canaveral teams have worked closely with the Coast Guard to ensure our IT and port security practices align with state and federal directives. All measures and protections aimed at securing our port community are welcomed.”
