Connect with us

Hi, what are you looking for?



SCADA Systems Involved in Many Breaches Suffered by US Ports, Terminals

Law firm Jones Walker has published the results of a survey focusing on the cybersecurity preparedness of ports and terminals in the United States.

Law firm Jones Walker has published the results of a survey focusing on the cybersecurity preparedness of ports and terminals in the United States.

According to Jones Walker’s 2022 Ports and Terminals Cybersecurity Survey, there has been a significant increase in cyberattacks targeting this sector, and while a vast majority of the respondents claim they are prepared to handle cyber threats, many have confirmed suffering breaches in the past year.

The report is based on the responses of 125 c-suite executives, directors, security and compliance officers, and general counsel from the ports and terminals industry. The data was collected in May and comes from both blue- and brown-water facilities across the United States.

More than 90% of respondents were very confident in their overall level of cybersecurity and preparedness to withstand a cyber incident.

However, 55% said they had detected an attempt to breach their environment and 45% admitted suffering some type of breach within the past year. Fourteen percent said the incident resulted in data getting encrypted or becoming inaccessible, and 11% said the breach resulted in data exfiltration.

When asked about the types of systems involved in data breaches, 36% named supervisory control and data acquisition (SCADA) systems and 32% named field device management systems.

In addition, SCADA has been named the top ‘cybersecurity vulnerability’ of US ports and terminals.

Advertisement. Scroll to continue reading.

SCADA attacks on US ports and terminals

“As volume and traffic to these facilities have seen exponential growth, maritime ports and terminals have also undergone significant changes in digitalization and automation of terminal operating and industrial control systems (ICS). Facilities are increasingly using automated operational technology (OT) systems to augment information technology (IT) and to communicate data, operate equipment, track cargo and containers, and manage commercial operations,” Jones Walker noted in its report.

When asked to describe the type or nature of the attack that resulted in their facility’s systems getting compromised, RDP was the top response (38%), followed by malware (26%), hacking (24%), social engineering (22%), ransomware (20%), and business email compromise (18%).

Nearly two-thirds of respondents said a solo threat actor was responsible for breaching their systems, followed at a distance by organized crime groups. State-sponsored hackers have only been blamed in 14% of cases, but they are seen by many as one of the main threats.

The complete 2022 Ports and Terminals Cybersecurity Survey is available in PDF format.

ICS Cybersecurity Conference 2022

Related: The Vulnerable Maritime Supply Chain – a Threat to the Global Economy

Related: UN Maritime Agency Hit by ‘Sophisticated Cyberattack’

Related: U.S. Releases Cybersecurity Plan for Maritime Sector

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem


Wago has patched critical vulnerabilities that can allow hackers to take complete control of its programmable logic controllers (PLCs).


Cybersecurity firm Forescout shows how various ICS vulnerabilities can be chained for an exploit that allows hackers to cause damage to a bridge.


More than 1,300 ICS vulnerabilities were discovered in 2022, including nearly 1,000 that have a high or critical severity rating.


Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.