Letter from the Editor: Maritime Cyberattacks

Although large amounts of news and information have been circulating recently pertaining to the invasion of Ukraine by Russia, there’s one nugget of information that’s flown under the radar so far: potential retaliation against the U.S. maritime transportation sector.

The remarks didn’t receive much media attention, but national Cybersecurity and Infrastructure Security Agency Director Jen Easterly recently said that America’s maritime transportation sector could be an infrastructure soft spot that Russia may try to disrupt via cyberattack.

“Given the vital role of the industry, the importance of securing systems and functions that make up the maritime transportation sector cannot be overstated,” Easterly said in March during “Hack the Port,” a maritime and control systems cybersecurity conference that took place in Florida.

“That said,” she continued, “protecting the industry from cyber threats is really becoming increasingly complex, as connected and often unsecure control systems make maritime organizations a prime target for malicious actors. We expect these types of threat tactics to actually become increasingly prevalent.”

Her remarks were made around the same time that the Biden Administration announced that Russia could be planning a cyberattack against the U.S. in response to sanctions that America has implemented in the wake of the invasion of Ukraine.

Such an attack wouldn’t be unprecedented, as multiple maritime transport companies have been hit by cyberattacks by foreign powers over the past few years. One of the most notorious them was 2017’s NotPetya trojan horse malware attack, which cybersecurity experts blamed on the Russian government.

NotPetya, which spread by tricking computer users within various businesses into downloading and installing malicious software, affected a number of maritime firms, including Maersk Line. Cyberattacks have also impacted terminals at major U.S. ports in recent years, including a 2018 ransomware attack on the China Ocean Shipping Co. terminal at the Port of Long Beach and a June 2017 cyberattack that led to Danish shipper AP-Moller Maersk shutting down its Port of Los Angeles terminal for three days.

That ransomware attack that temporarily crippled Maersk’s operations globally and cost it an estimated $100 million per day in lost productivity.

At “Hack the Port,” Easterly noted that in 2020 alone there were 500 major incidents targeting sensitive operational technology.

Her words serve as a sobering reminder that all within the maritime sector should ensure that they install the latest software security updates on their devices, lest those devices potentially be used against them and/or companies they do business with.

Salmon in the Seine

On another topic, I wanted to let you know that one of Maritime Publishing’s terrific freelance journalists, Norris Comer, has a new book coming out. “Salmon in the Seine: Alaskan Memories of Life, Death, & Everything In-Between,” is his debut memoir and chronicles his time working as a commercial fisherman in the Great White North aboard a highliner salmon purse seiner while in his teens.

“I was 18 years old and fresh out of high school when I ventured north to Cordova, Alaska, in 2008 to kick off my Gap Year before college,” he wrote. “What started as an aspiration to make good money and experience a proper seagoing adventure became reality aboard a highliner salmon purse seiner after pounding the docks.”

“The ecstasy of big catches, camaraderie and budding romances, and Alaska’s epic embrace crash into tragedies like Exxon Valdez oil spill cultural trauma, a fatal cancer diagnosis, and life or death struggles at-sea,” he explained.

“Salmon in the Seine” was published by Milspeak Books in early May and is available on Amazon and wherever books are sold.

Managing Editor Mark Nero can be reached at mark@maritimepublishing.com