Cyber experts call for CISA to establish maritime equipment test bed

The proposals follow several cyberattacks on vulnerable European maritime infrastructure targets last year.
Giant shovel being hoisted inside large bulk carrier to help unloading the ship, Port of Rotterdam, the Netherlands.

Cybersecurity experts have called for the Cybersecurity and Infrastructure Security Agency to establish a test bed to probe the security of maritime equipment in a new report published as part of the Cyberspace Solarium 2.0 initiative.

According to the report, the Department of Homeland Security agency should set up a maritime operational technology supply chain testing capability, akin to the Department of Energy’s Cyber Testing for Resilient industrial Control Systems (CyTRICS) program.

The proposals come amid rising concerns about the vulnerability of critical United States ports and in response to several major cyberattacks on vulnerable European infrastructure targets last year.

Current collaboration between the United States Coast Guard and CISA’s National Infrastructure Simulation and Analysis Center could facilitate the creation of a test bed program for maritime technology, according to the report. “The program can begin by testing for cybersecurity vulnerabilities in foreign-manufactured cranes in U.S. ports – as mandated by the National Defense Authorization Act (NDAA) of the fiscal year 2023 – and then expand into broader, systemically important maritime OT.”


In addition, the report authors call for the Coast Guard to develop cybersecurity education and workforce programs and to participate in grant programs to obtain additional resources for mitigating maritime cyber risk.

Further, they call on CISA’s parent agency, DHS, to request from Congress increased funding for the Coast Guard to support its Sector Risk Management Agency responsibilities.

Earlier this year in January, Oslo-based ship classification society DNV was hit with a ransomware attack that affected at least 1,000 vessels and forced the company to shut down its servers.

That came shortly after the Port of Lisbon in December was hit with a ransomware attack affecting its websites, while earlier in 2022 the Amsterdam-Rotterdam-Antwerp port and two subsidiaries of German logistics firm Marquard & Bahls also suffered ransomware breaches.

In September, a report by the Government Accountability Office found that the Coast Guard urgently needed to improve its cyber workforce and set out six key recommendations for doing so.


Among the remediation proposals included in that audit were the adoption of a strategic workforce plan for cyber, undertaking supply, demand and gap analyses and improving monitoring processes.

That study was published about a year after the Coast Guard launched a new cybersecurity strategy as part of which the service set out plans to build more cyber teams, partially in response to ransomware incidents such as the Colonial Pipeline attack.

The latest report on maritime cybersecurity was published by researchers Jiwon Ma and Will Loomis. Ma is a program analyst at the Foundation for the Defense of Democracy’s Center on Cyber and Technology, where she contributes to the Cyberspace Solarium Commission’s 2.0 project. Loomis is an associate director at the Atlantic Council’s Cyber Statecraft Initiative. 

The Cyberspace Solarium Commission 2.0 project was launched to continue the legacy of the Cyberspace Solarium Commission and to support continued efforts to implement CSC recommendations.

Latest Podcasts