President Biden will sign an executive order ensuring that critical port infrastructure adheres to international safety regulations. The order includes mandatory reporting of maritime cyber attacks to the Coast Guard Cyber Command, which will then share information with the Cybersecurity & Infrastructure Security Agency (CISA) and other relevant government agencies.

A new maritime security director will be appointed to oversee these efforts, emphasizing a holistic approach to address cyber threats to critical infrastructure.

The recently established Supply Chain Resilience Center and a $20 billion investment through the Investing in America Agenda will play integral roles in enhancing port security.

Hong Kong's port faces declining cargo amidst competition Hong Kong's port faces declining cargo amidst competition

With over $5.4 trillion in economic activity and more than 90% of overseas trade passing through U.S. ports, the administration recognizes the potential cascading impact of a cyberattack on both domestic and global supply chains.

The focus on port security extends to equipment known as remote ship-to-shore cranes, with concerns raised about 80% of these cranes being made in China and using Chinese software. The Coast Guard has evaluated 92 of the 200-plus cranes.

Ongoing debates surround the potential use of these cranes for Chinese surveillance, prompting discussions on the long-term goal of investing in onshoring port crane manufacturing.

While China is a primary concern, the executive order also addresses criminal cybersecurity threats, citing the disruption at Japan’s Port of Nagoya after a ransomware attack.

Since 9/11, maritime port security has been a priority, with initiatives like the Container Security Initiative (CSI) aiming to identify and inspect containers posing potential terrorism threats.

The Port of Los Angeles leads in proactive cybersecurity measures, having established a Cyber Security Operations Center (CSOC) in 2014 and achieving ISO 27001 certification in 2015.

A 2023 report from the Department of Transportation Maritime Administration highlights vulnerabilities in U.S. ports due to multiple stakeholders involved in port operations.

Legislation, such as the Port Crane Security and Inspection Act of 2023, addresses concerns about foreign-made cranes, particularly those using Chinese software. The AAPA contends there is no evidence supporting claims about Chinese-manufactured crane cyber vulnerabilities.

Public comments on the proposed rulemaking will be open until April 22, inviting stakeholder input on these crucial maritime security measures.