Executive Order Raises Awareness of Chinese Crane Security Risk

Steven Tessler - Everfox

A piece of hardware that’s easy to overlook yet hard to miss came into the security spotlight recently: ship-to-shore cranes. As part of a broader push to harden US supply chain security, the Biden-Harris administration published an Executive Order on February 21 updating regulations for safeguarding US ports and maritime security.

One of the key concerns surrounds the near monopoly of Chinese-manufactured cranes in US ports. It’s estimated that 80% of remote ship-to-shore cranes that move containers off ships into port in the US are provided by a single manufacturer: Zhenhua Heavy Industries Company (ZPMC), a People’s Republic of China-owned enterprise.

The risks of Chinese cranes may not be obvious but are real:

Many cranes can be serviced, configured, and operated from remote locations.

They handle sensitive data about containers, their contents, origins, and destinations, including military shipments.  

They integrate directly into port community platforms and other IT systems.

The worry is that these sophisticated digital systems could provide a channel for surveillance or cyber disruption. A senior administration official told CNBC that over $5.4 trillion in economic activity and over 90% of overseas trade move through US ports. This means a cyberattack could have a devastating impact on both domestic and global supply chains.

While the long-term goal is to re-energize domestic crane manufacturing, that won’t alleviate shorter-term cybersecurity considerations. The new order grants authority for DHS and the US Coast Guard to impose new cybersecurity requirements on US ports.

OT Cybersecurity

Everfox has more than twenty-five years of experience supporting governments and regulated industries around the world with defense-grade solutions that simplify cybersecurity and protect data wherever it resides. As operational technology threats escalate, Everfox’s solutions can help regulated industries stay ahead of government directives like these with solutions built for the most stringent security requirements.

Cross Domain Solutions (CDS)

Governments have used Everfox CDS for years to segment secret and top-secret networks with logical air gap separation while still enabling operational data movement. In United States ports, our solutions enable port operators to build isolated networks that allow data to be shared between systems in near real-time but sequester the cyber and data risks. CDS can protect ports from high-threat equipment like the Chinese cranes and software by inspecting and validating data moving across network segments while still allowing them to operate as expected. Cross Domain Solutions can whitelist acceptable data, identify extraneous data, and block risky information from moving freely via the logical air gap. This keeps sensitive intelligence from moving out of port systems and protects the wider shipyard operations network from external cyber threats.

Ports can operate existing cranes securely in the short term, until a longer-term replacement plan can be implemented. A segmented network approach can also protect legacy high-investment equipment with known vulnerabilities that can’t be patched but needs to be available on a network for operations and management. Segmenting both high-threat and high-vulnerability equipment can keep the broad network secure from both kinds of risks, mitigating security risks while allowing equipment and the ports they support to continue to operate as expected.

Content Disarm and Reconstruction (CDR)

While cranes are a specific risk use case, foreign manufacturers provide equipment across a range of industries around the world, such as portable imaging devices for container assessment and IP surveillance cameras. These types of devices can gather sensitive data and intelligence that should be protected. Conversely, images and video can hide cyber threats that could be introduced into an internal network.

CDR solutions are designed to transform data so that zero-day cyber and data security threats are neutralized while ensuring the data is still fully usable as intended. With a combination of CDS and CDR, industries can create segments to isolate cameras and imaging devices, control the data in and out, block audio, inspect video feeds, and transform imagery to remove any sensitive data or cyber risk before it moves through the network.

Reach out to our team to learn how our defense-grade cybersecurity solutions can protect your operational technology and help you comply with the latest regulations and EOs.