NATO calls for ports to co-operate on cyber security

Ports are being threatened by sophisticated cyber activities carried out by state-linked actors and criminals, with a rising number of cyber attacks impacting operations.

According to NATO’s Co-operative Cyber Defence Centre of Excellence (CCDCOE), port facilities across Europe and the Mediterranean are coming under attack by threat actors originating from Russia, Iran and China.

Ports are opening more vulnerable attack surfaces by introducing digitalisation and linking operating technology (OT) to online access, with access control systems and vessel traffic management systems identified as the main reported risks, but there are policy gaps in current cyber-security frameworks and a widening threat landscape.

“As the security climate hardens, more destructive measures are anticipated to target critical infrastructure,” says NATO, which adds port cyber security needs to be enhanced, using “immediate policy intervention to establish sector-specific intelligence sharing networks, co-ordination mechanisms and resilience standards,” and most importantly, strengthening cyber defences.

The defence alliance published recommendations to ports in its latest policy brief Addressing State-Linked Cyber Threats to Critical Maritime Port Infrastructure.

In the report, NATO calls for a formal threat intelligence-sharing platform to be developed, specifically for maritime cyber threats, that builds on existing frameworks while addressing the unique requirements of security in this sector.  

“This platform should facilitate not only threat intelligence sharing but also best practices, lessons learned, and co-ordinated response planning among maritime stakeholders,” says NATO.

It recommends co-ordinated responses to significant cyber incidents in port infrastructure, regular information exchanges and incorporating port cyber security scenarios into broader exercises and drills.

IMO could also set up specific maritime cyber-security working groups bringing together port operators, shipping companies, government agencies and security experts to develop comprehensive standards that address the challenges of maritime cyber security.

These groups need to “focus on developing practical guidance for implementing existing cyber-security frameworks in maritime environments, addressing the specific challenges of OT and IT convergence in port operations,” says NATO. It also recommends creating mechanisms for threat intelligence sharing across national boundaries and training personnel in co-ordinated cyber defence.