The Maritime Administration announced a new advisory on April 9, replacing the prior U.S. Maritime Advisory 2024-011. The updated advisory highlights potential vulnerabilities present in maritime port equipment, networks, operating systems, software, and infrastructure. It draws attention to the use of technology from foreign companies that might create security risks for global maritime infrastructure IT and OT systems.
The advisory particularly stresses concerns over systems manufactured by Chinese enterprises, such as China’s National Public Information Platform for Transportation and Logistics (LOGINK), Nuctech scanners, and automated ship-to-shore cranes. Highlighting the risks, it notes that LOGINK, described as a single-window logistics management platform, collects a significant amount of logistics data from various global sources, possibly exposing sensitive business and governmental information.
Nuctech Company, a state-controlled entity, produces security inspection equipment widely used at critical logistics nodes worldwide. The concern with Nuctech stems from its partial state ownership and capabilities including biometric monitoring and AI-based facial recognition.
Shanghai Zhenhua Heavy Industries Company Limited (ZPMC) is another firm under scrutiny. With ties to China Communications Construction Company, ZPMC dominates the market for ship-to-shore cranes. These cranes can be remotely controlled, serviced, and programmed, which could make them susceptible to exploitation.
Maritime stakeholders are advised to apply cybersecurity best practices and maintain vigilance regarding cyber vulnerabilities. The recommended actions include updating software, ensuring network access is secure, and partnering with governmental and academic entities for information sharing and cyber drills.
The brief provides mitigation strategies for automated port crane risks, recommending compliance with U.S. Coast Guard Security Directives 105-4 and 105-5, and encouraging secure file transfers and remote access systems that enforce Multifactor Authentication.
Further, the advisory underscores the need for robust recovery strategies for critical systems, monitoring network communications diligently, and ensuring strong physical security measures for crane operations.
Maritime stakeholders encountering compromised equipment or suspicious activities are directed to contact relevant U.S. authorities, such as the U.S. Coast Guard and the FBI. A list of references to additional resources is included in the advisory.
