Protecting U.S. economic health through improved port cybersecurity

Due to the increasing automation of U.S. maritime ports, cybersecurity has become every bit as important as physical security. A team of researchers at the Critical Infrastructure Resilience Institute (CIRI) at the University of Illinois is leading an effort to help owners and operators at U.S. ports and the U.S. Coast Guard to strengthen the physical and cybersecurity of American ports against natural and man-caused disruptions. Port Everglades in Ft. Lauderdale, Fla.

According to a 2014 report by Martin Associates, the economic value of activity at U.S. ports in 2014 was $4.6 trillion, more than a quarter of the nation’s GDP. Because automation plays a more prominent role in how cargo is moved, stored, and tracked within a port system, a disruption in operations can be felt at almost every economic level, from local to national. Also at stake: national security.

“With more than 95 percent of all trade passing through U.S. shipping ports, ensuring their cybersecurity is as important as ensuring their physical security,” says Dr. Gabriel Weaver, a research scientist at the University of Illinois who is leading the project. “Our project aims to develop a tool that enables port operators to better understand the interdependencies of the port’s systems, to conduct what-if scenarios that outline the impacts of potential disruptions, and to develop effective strategies for responding to those scenarios.”

According to Weaver, his project goes beyond previous studies by providing a detailed picture of how cyber, physical, and economic interactions affect operations at a specific port before, during, and after a disruption. The project is funded by CIRI, a DHS Center of Excellence tasked with conducting research and developing solutions that will enhance the security and resilience of the nation’s critical infrastructure.

Whether disruptions are due to cybersecurity issues or natural disasters, they are on the rise. In June 2017, an attack on shipping giant A.P. Moller-Maersk’s networks caused ripples throughout the global shipping community as operators were unable to locate cargo and containers. The company’s Los Angeles terminal was shut down for three days as they worked to resolve the fallout and safely bring systems back online. In October 2012, Hurricane Sandy severely damaged the ports of New York and New Jersey, causing gas stations to run out of fuel within days after petroleum shipments could not be unloaded. Weaver and Dr. Lavanya Marla, the co-investigator on the project, seek to understand the economic impact of these kinds of disruptions and to suggest methods for minimizing their impact. 

“It is important to fully appreciate the impact of protecting U.S. ports from cyberattacks,” says Weaver. “The reality is that within 24 hours of a disruption to a port on either U.S. coast, retailers across the country are going to feel the impact. We’re doing work that strengthens the resilience of port operations so that we can minimize the impact of disruptions, whether it’s from a hurricane or a cyberattack.”

Working in partnership with the U.S. Coast Guard, Weaver’s team is using Port Everglades as the base of the study. The Ft. Lauderdale, Fla., seaport supports container and petroleum trade, military operations, and leisure cruise operations with an annual economic value of more than $28 billion. Like most ports of its size, Port Everglades uses operational technology for management of multimodal transportation logistics to distribute goods through road, rail, and air. 

“Having a DHS Center of Excellence like CIRI is vital to our operations,” says Dr. Joe DiRenzo, Director of Research Partnerships at the U.S. Coast Guard Research and Development Center. “Often, we don’t have the manpower or the resources to do a deep dive into some of the critical issues the Coast Guard is facing because of how broad our project portfolio is. Through our partnership with CIRI, we can get a world-class research team looking at an issue and then we can blend the contributions of our subject matter experts with their researchers to the benefit of both organizations.”

As has become a hallmark of CIRI-sponsored research projects, Weaver’s team will address the concerns of a wide range of stakeholders, including security, finance, customs and border protection, operations, and local law enforcement. Maritime ports are a network of interconnected systems, regulatory agencies, and vendors, and the project design accounts for that. While improving and securing the operations of the port as an overarching entity is the goal, the research team will need to drill down into the systems at the tenant level to accomplish that.

Dr. Gabriel Weaver, Principal Investigator for the projectThe end product will be a software package that provides real-time feedback before, during, and after a disruption event occurs. Before an event, the software will run simulated scenarios to prioritize investments in physical, cyber, and intellectual assets. During an event, the software can help decision makers mitigate a disruption. After an event, the framework will help organizations recover in a state that is more resilient and robust than it was prior to the event. Too often, systems fail to capture lessons learned during a failure or an attack, which diminishes long-term institutional learning.

Weaver and his team have conducted several field visits to Port Everglades. Over the next several months, they will return to Port Everglades periodically to test the software in real-world use cases and to get expert feedback from the port operators and support personnel that will deploy the software once it’s fully developed.

“Cybersecurity is not just a trendy topic,” says Randy Sandone, CIRI Executive Director. “Automation is essential to efficient port operations, so we must take steps to secure those systems. This project will enhance the resilience of the nation’s maritime transportation system by advancing contingency planning efforts at maritime ports, driving development of more robust business processes, and improving the connection between critical infrastructure sectors operating within our ports.”