Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?



U.S. Releases Cybersecurity Plan for Maritime Sector

The U.S. government has released a plan with a list of top-priority items to mitigate threats and provide security to the crucial maritime sector.

The U.S. government has released a plan with a list of top-priority items to mitigate threats and provide security to the crucial maritime sector.

The National Maritime Cybersecurity Plan, which was made public (PDF) on Tuesday, highlights several priority actions to close maritime cybersecurity gaps and vulnerabilities over the next five years.

The maritime sector, which includes hundreds of thousands of major waterways, shipyards, ports and bridges, contributes about $5.4 trillion to the U.S. gross domestic product. 

At a high level, the plan sets out priorities and goals around the establishment of global standards to define maritime threats, beefing up threat intel and information sharing, and increasing the cybersecurity workforce in the maritime sector.

“The proliferation of IT across the maritime sector is introducing previously unknown risks, as evidenced by the June 2017 NotPetya cyber-attack, which crippled the global maritime industry for more than a few days,” the White House said.

“This plan articulates how the United States government can best buy down the potential catastrophic risks to national security and economic prosperity,” the government said, noting that the increasing reliance on IT and OT will continue to promote maritime commerce efficiency and reliability.

The plan calls for a high priority to be placed on what is described as deconflicting government roles and responsibilities.

Advertisement. Scroll to continue reading.

“Some MTS operators lack the ability to control the security of critical systems because different public and private entities own and operate these interconnected systems. Although cybersecurity standards and frameworks are widely available, businesses often lack the resources or expertise to implement them effectively, leaving them vulnerable to cybersecurity disruptions,” the U.S. government warned.

Because no single entity owns, controls, manages, or regulates businesses or networks used throughout the maritime domain, the plan calls for the NSC (National Security Council) staff to identify gaps in legal authorities and identify efficiencies to de-conflict roles and responsibilities for MTS cybersecurity standards.

The plan’s other priorities include developing risk modeling to inform maritime cybersecurity standards and best practices; strengthening cybersecurity requirements in port services contracts and leasing; and improve the level of information sharing between the U.S. government and the private sector.

“Credible and actionable intelligence is required to strengthen maritime cybersecurity,” the government asserted, noting it will create mechanisms to share unclassified, and when acceptable, classified information with maritime industry stakeholders, increasing access to actionable information to protect maritime IT and OT networks.

Furthermore, the plan calls for the creation of an international “port OT risk framework” based on input from partners, which will be promoted internationally.

The plan also zeroes in on producing cybersecurity specialists and a robust workforce to manage and protect port and vessel systems.

“The dual threat of opportunistic ransomware infection and targeted nation state power projection over the past few years has demonstrated the impact of cyber attacks on national security and commercial supply chains,” Grant Geyer, Chief Product Officer at industrial cybersecurity firm Claroty, told SecurityWeek. “We saw examples of the potential for massive disruption during the 2017 NotPetya infections in commercial maritime enterprises, and Iran’s revelation that their port activities were disrupted by a cyber attack in 2020.”

“Coupling these highly vulnerable OT maritime environments with a severe lack of expertise in OT security,” Geyer continued, “creates the potential for massive risk to critical infrastructure. What strikes me as very important about the National Maritime Cybersecurity Plan is the purposeful focus on ensuring risk mitigation to the critical ships and port systems, and the focus on developing expertise and career paths for maritime cybersecurity.”

Related: UN Maritime Agency Hit by ‘Sophisticated Cyberattack’

Related: Hackers Start Leaking Files Stolen From Shipping Giant Toll

Related: Maritime Cybersecurity: Securing Assets at Sea

RelatedChina-linked Hackers Target Engineering and Maritime Industries

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...


The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.