PoliticsTop StoryUS

Biden to create cybersecurity standards for the nation’s ports

Quick Read

  • President Joe Biden is set to sign an executive order to enhance cybersecurity at the nation’s ports, introducing federal regulations for port operators to prevent cyberattacks.
  • The initiative, led by Anne Neuberger, Deputy National Security Adviser, aims to establish standardized cybersecurity requirements akin to physical safety regulations.
  • Ports are critical economic hubs, with around 31 million employed and contributing $5.4 trillion to the economy, making them prime targets for ransomware and other cyber threats.
  • The new regulations will be part of a broader effort to modernize the protection of critical infrastructure such as power grids and pipelines, which increasingly rely on remote and online management.
  • The urgency is highlighted by increasing hostile cyber activities globally, including spying and malware attacks that threaten national infrastructure.
  • The initiative comes in the wake of significant cyber incidents, like the 2021 ransomware attack on Colonial Pipeline and a cyber incident at an Australian port that halted operations.
  • Concerns are particularly high for the U.S., where around 80% of cargo-lifting cranes, mainly from China, are remotely controlled, posing a risk of cyberattacks.
  • The new standards, which will undergo a public comment period, will be mandatory for all port operators, with enforcement actions for non-compliance and requirements for reporting cyberattacks.
  • The Coast Guard will play a key role in regulating and responding to cyber threats at ports, enhancing national security against both state-backed and criminal cyber activities.

The Associated Press has the story:

Biden to create cybersecurity standards for the nation’s ports

Newslooks- WASHINGTON (AP) —

President Joe Biden is expected to sign an executive order and create a federal rule Wednesday aimed at better securing the nation’s ports from potential cyberattacks.

The administration is outlining a set of cybersecurity regulations that port operators must comply with across the country, not unlike standardized safety regulations that seek to prevent injury or damage to people and infrastructure.

“We want to ensure there are similar requirements for cyber, when a cyberattack can cause just as much if not more damage than a storm or another physical threat,” said Anne Neuberger, deputy national security adviser at the White House.

Nationwide, ports employ roughly 31 million people and contribute $5.4 trillion to the economy, and could be left vulnerable to a ransomware or other brand of cyber attack, Neuberger said. The standardized set of requirements is designed to help protect against that.

President Joe Biden talks with Los Angeles Mayor Karen Bass, left, and Rep. Maxine Waters, D-Calif., as he arrives at Los Angeles International Airport, Tuesday, Feb. 20, 2024, in Los Angeles. (AP Photo/Manuel Balce Ceneta)

The new requirements, to be published Wednesday, are part of the federal government’s focus on modernizing how critical infrastructure like power grids, ports and pipelines are protected as they are increasingly managed and controlled online, often remotely. There is no set of nationwide standards that govern how operators should protect against potential attacks online.

The threat continues to grow. Hostile activity in cyberspace — from spying to the planting of malware to infect and disrupt a country’s infrastructure — has become a hallmark of modern geopolitical rivalry.

For example, in 2021, the operator of the nation’s largest fuel pipeline had to temporarily halt operations after it fell victim to a ransomware attack in which hackers hold a victim’s data or device hostage in exchange for money. The company, Colonial Pipeline, paid $4.4 million to a Russia-based hacker group, though Justice Department officials later recovered much of the money.

President Joe Biden greets Los Angeles Mayor Karen Bass, left, and Rep. Maxine Waters, D-Calif., as he arrives at Los Angeles International Airport, Tuesday, Feb. 20, 2024, in Los Angeles. (AP Photo/Manuel Balce Ceneta)

Ports, too, are vulnerable. In Australia last year, a cyber incident forced one of the country’s largest port operators to suspend operations for three days.

In the U.S., roughly 80% of the giant cranes used to lift and haul cargo off ships onto U.S. docks come from China, and are controlled remotely, said Admiral John Vann, commander of the U.S. Coast Guard’s cyber command. That leaves them vulnerable to attack, he said.

Late last month, U.S. officials said they had disrupted a state-backed Chinese effort to plant malware that could be used to damage civilian infrastructure. Vann said this type of potential attack was a concern as officials pushed for new standards, but they are also worried about the possibility for criminal activity.

The new standards, which will be subject to a public comment period, will be required for any port operator and there will be enforcement actions for failing to comply with the standards, though the officials did not outline them. They require port operators to notify authorities when they have been victimized by a cyberattack. The actions also give the Coast Guard, which regulates the nation’s ports, the ability to respond to cyber attacks.

Read more political news

Previous Article
Putin says Russia has no intention of putting nuclear weapons in space
Next Article
US lawyers: WikiLeaks’ Assange went far beyond journalism, should face spying charges

How useful was this article?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this article.

Latest News

Menu