Biden signs Executive Order to strengthen DHS against maritime cyber threats amid cybersecurity concerns

U.S. President Joe Biden signed an executive order aimed at enhancing the capabilities of the Department of Homeland Security (DHS) to counter maritime cyber threats. The action is in response to increasing concerns over threats to U.S. critical infrastructure from nation-states and broader security issues related to the reliance on overseas supply chains. Additionally, it addresses worries about cyber risks to port facilities and maritime transportation, prompting a shift in crane manufacturing back to the U.S., particularly due to concerns regarding threats from China.

In his Executive Order, President Biden wrote “I find that the security of the United States is endangered by reason of disturbances in the international relations of the United States that exist as a result of persistent and increasingly sophisticated malicious cyber campaigns against the United States, and that such disturbances continue to endanger such relations.”

The executive order will give the U.S. Coast Guard the authority to respond to malicious cyber activity by requiring maritime transportation vessels and facilities to shore up their cybersecurity and institute mandatory reporting of cyber incidents. The Coast Guard will also issue a notice of proposed rulemaking to establish minimum cybersecurity requirements that meet international and industry-recognized standards to best manage cyber threats.

The administration also announced that it will invest over US$20 billion into the nation’s port infrastructure over the next five years through the President’s Investing in America agenda. As part of that, PACECO Corporation, a U.S.-based subsidiary of Mitsui E&S, is planning to onshore domestic manufacturing capacity for American and Korean production for the first time in 30 years, pending final site and partner selection.

Finally, the Coast Guard will announce a maritime security directive, which Admiral Vann will outline in greater detail, regarding the security of ports related to these cranes.

Ship-to-shore cranes manufactured in the People’s Republic of China (PRC) make up the largest share of the global market and account for nearly 80 percent of cranes at U.S. ports. By design, these cranes may be controlled, serviced, and programmed from remote locations. These features potentially leave PRC-manufactured cranes vulnerable to exploitation.

Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technologies, said in a Tuesday press briefing that “most critical infrastructure owners and operators have a list of safety regulations they have to comply with, and we want to ensure that there are similar requirements for cyber when a cyberattack can cause just as much, if not more, damage than a storm or another physical threat.”

The briefing was also attended by Iranga Kahangama, assistant secretary for cyber, infrastructure, risk, and resilience at the DHS; and Rear Admiral John Vann, commander of Coast Guard Cyber Command.

“The department is really excited about the actions that we’re taking as a comprehensive whole-of-DHS approach to mitigating cyber threats to our critical infrastructure, particularly in the maritime sector and port infrastructure, which have downstream implications to our supply chains,” Kahangama said. 

Specifically regarding the notice of proposed rulemaking on DHS regulations and minimum cybersecurity standards, Kahangama said that the agency is excited to put this out for public comment. It helps showcase its “commitment to partnership in developing these regs and building off of lessons learned as part of the administration’s approach to instituting mandatory cybersecurity minimum standards.”

The department worked closely with entities such as the Transportation Security Administration (TSA), which has done some of this work through some of its emergency directives, and in close partnership and consultation with industry partners to ensure that the cybersecurity requirements are in line with expectations.

Kahangama added that “we enthusiastically welcome public comment on these as we develop cybersecurity standards in line with the Biden-Harris administration’s approach to identifying and using mandatory regulations to improve critical infrastructure, cybersecurity, where we deem it most necessary.”

Also in line with the department’s approach to harmonization, “we are attempting to make sure that those rules and regulations align with other efforts that we’re taking underway, and are doing our best to align those with existing frameworks instituted by CISA and partners at NIST as well,” he added.

Kahangama also emphasized “that the department also sees that the threat posed to critical infrastructure, particularly maritime and port infrastructure, is a whole-of-department approach, not only leveraging the Coast Guard’s authorities and announcements tomorrow, but as mentioned, the department’s newly announced Supply Chain Resilience Center last November as part of a White House rollout, but that this component is going to seek to bolster U.S. supply chain security, harness and maximize the department’s capabilities related to lawful trade and travel, and manage critical infrastructure security, leveraging its unique resources around the department.”

The executive order ensures Coast Guard authorities are aligned with emerging cybersecurity threats and reflects the commitment of the administration, DHS, and the Coast Guard to safeguard maritime critical infrastructure. The EO directly amends federal regulations and provides a Coast Guard captain of the port with clear authority to take action in the face of cyber threats. This includes controlling the movement of vessels that present a known or suspected cyber threat, requiring facilities to correct unsatisfactory cyber conditions that may endanger port safety and security, and inspecting and searching vessels and waterfront facilities, including their cyber systems and networks.

“The update also empowers the Commandant of the Coast Guard to prescribe measures to prevent, detect, assess, and remediate an actual or threatened cyber incident,” according to Vann. “As we undertake measures to prevent cyber incidents, let me address a specific, acute MTS cyber vulnerability that was mentioned earlier.”

On the heels of this executive order, the Coast Guard is issuing a Maritime Security, or MARSEC, directive based on the prevalence of PRC-manufactured cranes in the U.S. and threat intelligence related to PRC’s interests in disrupting U.S. critical infrastructure.

The MARSEC Directive will impose several cybersecurity requirements on the owners and operators of PRC-manufactured cranes, Vann said. “The specific requirements are deemed sensitive security information and cannot be shared publicly. Our captains of the port around the country will be working directly with crane owners and operators to deliver the directive and verify compliance.”

Finally, Vann added, “We’re announcing a notice of proposed rulemaking that will establish baseline cybersecurity requirements to protect the entire MTS from cyber threats. Those draft requirements are primarily based on the Cybersecurity and Infrastructure Security Agency’s cross-sector Cybersecurity Performance Goals, which the maritime industry should already be familiar with.”

The proposed regulations would require several cybersecurity measures to be implemented by all regulated entities. The Coast Guard highly encourages MTS stakeholders to provide feedback and input during the period of public comment, which begins tomorrow. A federal register notice will outline the process for submitting comments through the federal decision-making portal, and the public comment period will be open until April 22nd of this year.

Last month, the U.S. House Homeland Security Committee along with the Select Committee on the Chinese Communist Party (CCP) widened their joint investigation into security vulnerabilities in the nation’s maritime sector, particularly relating to CCP cybersecurity and supply chain risks. In their latest move, the committees requested testimony from Swiss company ASEA Brown Boveri Ltd. (ABB) on its ‘concerning’ ties to Chinese state-owned enterprises.
