Work by the Port of Los Angeles to create a Cyber Resilience Center involving companies that do business at the port is a credit-positive approach to dealing with the risk of online attacks, according to Moody’s Investors Service.
The port convened a maritime stakeholder working group on April 24 comprising shipping lines, marine terminal operators, railroad companies, labor and representatives from the trucking industry to discuss closer collaboration to deal with cybersecurity threats. The effort is still in the planning stages.
“The decision to form a cross-sector Cyber Resilience Center is credit positive because it marks a continued evolution of the port’s focus on strengthening capabilities to prevent cybersecurity threats,” Moody’s analyst Moses Kopmar wrote in Friday’s report.
A Cybersecurity Operations Center created by the port in 2014 to monitor network traffic and detect cyber incidents has prevented roughly 20 million cyber-intrusion attempts per month, according to Moody’s.
Despite that effort, two of the port’s largest tenants have fallen victim to cyberattacks in recent years.
As a landlord port, POLA owns, but does not operate its facilities, leasing them to private companies.
“A challenge with this model is the limit on the port’s ability to manage cyber risk across all aspects of the cargo supply chain: the systems that process bookings, pilot ships, plan terminal operations, coordinate equipment and community with third-party shippers all reside on the respective networks of different cargo,” Kopmar wrote.
The collaborative effort attempts to bridge the gap by ensuring robust prevention efforts across all stakeholders in the cargo supply chain.
The new Cyber Resilience Center would be organized as an Information Sharing and Analysis Center, which Kopmar wrote is a recognized best practice for providing two-way sharing of information on cyber threats to critical infrastructure.
“I’m proud the Port is taking the lead on the first ever cross-sector Cyber Resilience Center,” said Gene Seroka, the port’s executive director, in a statement.
A.P. Moller-Maersk A/S, the world’s largest container shipping company, was infected in June 2017 by the NotPetya cyberattack. The attack severely damaged Maersk’s network, including the systems used by Maersk’s terminal operating company, APM Terminals, which operates the largest container terminal at the port.
A year later, in July 2018, China Ocean Shipping Co., which leases terminals at both the Port of Los Angeles and the Port of Long Beach, experienced a cyberattack. China Shipping suffered less damage, because it isolated its Shanghai server, containing the damage, but its terminal at Long Beach operated at reduced capacity for four days.
“Over the past few years, we have seen how cyber incidents have impacted some ports across the world, threatening the operations of the entire maritime supply chain,” said Tom Gazsi, deputy executive director and chief of public safety and emergency management at the port. “That is why we’re taking a collaborative approach to strengthen our cybersecurity posture."