Port of Los Angeles Plans Cyber Intelligence Facility as Maritime Threats Grow

The Port of Los Angeles is building a multimillion-dollar facility designed to share intelligence on cyber threats between the public and private sectors amid increasing attacks on the maritime and logistics industries.

The Cyber Resilience Center will serve as a central hub for the port, shipping lines, and suppliers such as railroad operators and telecommunications firms to share information. The project is one of the first of its kind in the U.S., said Gene Seroka, the port’s executive director.

“What we’ve noticed over time is that the potential penetrations and cyber threats have grown each and every year,” he said. Mr. Seroka cited incidents such as the 2017 NotPetya attacks, which affected shipping lines, and ransomware targeting the nearby Port of Long Beach in 2018 and shipping giant CMA CGM SA in October.

“As this growth [in threats] became so evident, we thought we needed to find a way to bring the private sector into this space as well,” Mr. Seroka said.

Maritime trade is a tempting target for hackers. The Port of Los Angeles said it facilitated $276 billion in trade during 2019, while the International Chamber of Shipping estimates that the total value of world shipping trade reached $14 trillion last year.

The port has selected International Business Machines Corp. to build the facility, which it expects will go live toward the end of 2021. Wendi Whitmore, vice president of IBM Security’s X-Force business, said participants will be able to share information anonymously on the platform, which will standardize data from different companies’s cybersecurity tools.

This capability, along with the focus on the port, is what will set the Cyber Resilience Center apart from existing platforms, such as the Information Sharing and Analysis Center for the maritime industry, Ms. Whitmore said.

“A lot of times in an ISAC, you have organizations sharing data, maybe sharing buckets of indicators, and then the receiving organization will have to take that data and then figure out how to make it work within their organization based on the tools they have,” she said. “We’re going to actually provide the plumbing to do that in an automated capacity for a wide variety of tools.”

Lance Kaneshiro, the port’s chief information officer, will be in charge of the project. It will operate alongside the port’s cybersecurity operations center, which opened in 2014.

The inclusion of suppliers in the center comes as organizations in both the public and private sectors are scrutinizing the security of their third-party vendors more carefully. In the past week, successful cyberattacks on high-profile vendors such as software company SolarWinds Corp. and cybersecurity firm FireEye Inc., which supply both governments and Fortune 500 companies with services and products, prompted an investigation led by the Federal Bureau of Investigation.

Cybersecurity within the maritime industry has also been a focus for institutions such as the U.S. Coast Guard, which took the rare step of publicizing details of a cyberattack on a ship headed for the Port of New York and New Jersey in 2019. Regulators, including the International Maritime Organization, have updated their guidelines for risk management on vessels to include cybersecurity.

Mr. Seroka said that he hopes the center will serve as a model for other large ports in the U.S. and elsewhere, stressing the importance of information-sharing as a defensive tool. With the shipping industry becoming more digitized and interconnected, he said, cyber threats require facilities such as ports to give priority to “how we can set data standards, business rules and open architecture that will allow us to share information and protect it.”
Source: Wall Street Journal