Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

SCADA Systems Involved in Many Breaches Suffered by US Ports, Terminals

Law firm Jones Walker has published the results of a survey focusing on the cybersecurity preparedness of ports and terminals in the United States.

Law firm Jones Walker has published the results of a survey focusing on the cybersecurity preparedness of ports and terminals in the United States.

According to Jones Walker’s 2022 Ports and Terminals Cybersecurity Survey, there has been a significant increase in cyberattacks targeting this sector, and while a vast majority of the respondents claim they are prepared to handle cyber threats, many have confirmed suffering breaches in the past year.

The report is based on the responses of 125 c-suite executives, directors, security and compliance officers, and general counsel from the ports and terminals industry. The data was collected in May and comes from both blue- and brown-water facilities across the United States.

More than 90% of respondents were very confident in their overall level of cybersecurity and preparedness to withstand a cyber incident.

However, 55% said they had detected an attempt to breach their environment and 45% admitted suffering some type of breach within the past year. Fourteen percent said the incident resulted in data getting encrypted or becoming inaccessible, and 11% said the breach resulted in data exfiltration.

When asked about the types of systems involved in data breaches, 36% named supervisory control and data acquisition (SCADA) systems and 32% named field device management systems.

In addition, SCADA has been named the top ‘cybersecurity vulnerability’ of US ports and terminals.

SCADA attacks on US ports and terminals

“As volume and traffic to these facilities have seen exponential growth, maritime ports and terminals have also undergone significant changes in digitalization and automation of terminal operating and industrial control systems (ICS). Facilities are increasingly using automated operational technology (OT) systems to augment information technology (IT) and to communicate data, operate equipment, track cargo and containers, and manage commercial operations,” Jones Walker noted in its report.

When asked to describe the type or nature of the attack that resulted in their facility’s systems getting compromised, RDP was the top response (38%), followed by malware (26%), hacking (24%), social engineering (22%), ransomware (20%), and business email compromise (18%).

Nearly two-thirds of respondents said a solo threat actor was responsible for breaching their systems, followed at a distance by organized crime groups. State-sponsored hackers have only been blamed in 14% of cases, but they are seen by many as one of the main threats.

The complete 2022 Ports and Terminals Cybersecurity Survey is available in PDF format.

ICS Cybersecurity Conference 2022

Related: The Vulnerable Maritime Supply Chain – a Threat to the Global Economy

Related: UN Maritime Agency Hit by ‘Sophisticated Cyberattack’

Related: U.S. Releases Cybersecurity Plan for Maritime Sector

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

ICS/OT

Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.

ICS/OT

Vulnerabilities in GE’s Proficy Historian product could be exploited for espionage and to cause damage and disruption in industrial environments.

Application Security

A new report finds that barely 1% of all SBOMs being generated today meets the “minimum elements” defined by the U.S. government.

Supply Chain Security

Oracle's Critical Patch Update for January 2023 includes 327 patches, with more than 70 that address critical-severity vulnerabilities.

ICS/OT

A hacktivist group has made bold claims regarding an attack on an ICS device, but industry professionals have questioned their claims.

Malware & Threats

Norway‎-based DNV said a ransomware attack on its ship management software impacted 1,000 vessels.

ICS/OT

Vulnerabilities in industrial routers made by InHand Networks could allow hackers to bypass security systems and gain access to OT networks.