Biden signs executive order to create cybersecurity rules for US ports
COLLEEN LONGFebruary 21, 2024
President Biden signed an executive order Wednesday creating a federal rule aimed at better securing the nation’s ports against potential cyberattacks.
The government is outlining a set of cybersecurity rules that port operators across the country must comply with, similar to standardized safety rules that aim to prevent injury or damage to people and infrastructure.
We want to ensure that there are similar requirements for cyber, when a cyber attack can cause as much, if not more, damage than a storm or other physical threat, said Anne Neuberger, deputy national security adviser at the White House.
Nationwide, ports employ about 31 million people and contribute $5.4 trillion to the economy, and could remain vulnerable to ransomware or other types of cyberattacks, Neuberger said. The standardized set of requirements is intended to protect against this.
The new requirements are part of the federal government’s focus on modernizing how critical infrastructure such as power grids, ports and pipelines are protected, as they are increasingly managed and monitored online, often remotely. There is no set of national standards that determine how operators should protect themselves against potential online attacks.
The threat continues to grow. Hostile activities in cyberspace, from espionage to planting malware to infect and disrupt a country’s infrastructure, have become a hallmark of modern geopolitical rivalry.
For example, in 2021, the operator of the country’s largest fuel pipeline had to temporarily suspend operations after falling victim to a ransomware attack in which hackers held its data hostage in exchange for money. The company, Colonial Pipeline, paid $4.4 million to a Russia-based hacker group, although Justice Department officials later recovered much of the money.
Ports are also vulnerable. Last year in Australia, a cyber attack forced one of the country’s largest port operators to suspend operations for three days.
In the U.S., about 80% of the giant cranes used to lift and transport cargo from ships to U.S. docks come from China and are controlled remotely, Adm. said. John Vann, commander of the US Coast Guard Cyber ​​Command. That makes them vulnerable to attack, he said.
Late last month, US officials said they had disrupted a state-backed Chinese effort to plant malware that could be used to damage civilian infrastructure. Vann said these types of potential attacks were a concern as officials pushed for new standards, but they also worry about the possibility of criminal activity.
The new standards, which will be subject to a public comment period, will be required of every port operator and there will be penalties for failure to comply, although officials have not outlined them. They require port operators to notify authorities when they have fallen victim to a cyber attack. The actions also give the Coast Guard, which regulates the country’s ports, the ability to respond to cyber attacks.
Fernando Dowling is an author and political journalist who writes for 24 News Globe. He has a deep understanding of the political landscape and a passion for analyzing the latest political trends and news.