Cybersecurity professionals are noting the possibility of Russia reprising a watershed attack on the shipping industry to hit back against the U.S. economy.
Cybersecurity and Infrastructure Security Agency Director Jen Easterly is flagging the maritime transportation sector as an increasingly imperiled soft spot in U.S. critical infrastructure that Russian adversaries have previously disrupted via cyberattack.
“Given the vital role of the industry, the importance of securing systems and functions that make up the maritime transportation sector cannot be overstated,” she said, addressing the Hack the Port conference Tuesday. “That said, protecting the industry from cyber threats is really becoming increasingly complex, as connected and often unsecure control systems make maritime organizations a prime target for malicious actors,” she said. “We expect these types of threat tactics to actually become increasingly prevalent over the next few years.”
Citing data from the U.S. Coast Guard—which, like CISA, is housed within the Department of Homeland Security—Easterly said about $5.4 trillion flows through the sector each year, accounting for a quarter of U.S. gross domestic product. No industry operates independently from the sector, she said.
That alone makes for a juicy target in the context of a presidential warning that Russia may be planning a cyberattack against the U.S., in response to sanctions the U.S. and allies implemented in the wake of the invasion of Ukraine.
“When you really look at that issue holistically, and you have a perpetrator that's really looking to maximize economic impact, I think [maritime transportation] is a sector that we—not to use a bad pun, but—we need to make sure that all boats rise,” said Frank Cilluffo, the director of Auburn University's McCrary Institute for Cyber and Critical Infrastructure Security, who also served as a member of the congressionally mandated Cyberspace Solarium Commission. “And I think they probably have a ways to go compared to say electricity or financial services or defense industrial base.”
Cilluffo was speaking at a separate event Tuesday on the cybersecurity implications of the Russia-Ukraine conflict.
In 2017, malware from an attack on Ukraine that U.S. officials have since attributed to the Russian military also made its way into the systems of U.S. companies, like shipping giant Maersk. What became known as NotPetya led to about $300 million in financial loss to the company and the congestion of ports around the world, “so pretty serious consequences,” Easterly said.
Global supply chains are already under massive strain due to the pandemic and other factors, and over the course of that time cyberattacks on maritime vessels rose 400%, Easterly added, noting that in 2020 alone there were 500 major incidents targeting sensitive operational technology.
Easterly stressed the importance of public-private partnerships and used the opportunity to recruit talent for her agency.
“There are probably some students out there who want to join Team CISA,” she said, noting deeper collaboration from industry across all sectors will “help us inspire a future generation of passionate and inquisitive and creative individuals.”