The Port of Los Angeles launched a Cyber Resilience Center Monday that protects not only port administration systems, but the shipping companies that berth there.
The development of the center came after cyberattacks in 2017 and 2018 struck some of the largest shipping companies.
“We must take every precaution against potential cyber incidents, particularly those that could threaten or disrupt the flow of cargo,” said Gene Seroka, the port’s executive director.
Computer network and ransomware attacks are a long-standing problem in international shipping.
A.P. Moller-Maersk A/S, the world’s largest container shipping company, was infected in June 2017 by the NotPetya cyberattack. The attack severely damaged Maersk’s network, including the systems used by Maersk’s terminal operating company, APM Terminals, which operates the largest container terminal at the Los Angeles port.
In July 2018, China Ocean Shipping Co., which leases terminals at both the Port of Los Angeles and the Port of Long Beach, experienced a cyberattack. China Shipping suffered less damage because it isolated its Shanghai server, containing the damage, but its terminal at Long Beach operated at reduced capacity for four days.
Cybersecurity is one of the biggest threats facing local and state governments today with 63% of municipal analysts expressing concern about it, according to a recent survey conducted by Hilltop Securities.
The Port of Los Angeles hired IBM in December 2020 to develop a system that would connect shippers to its centralized system that flags vulnerabilities.
The new Cyber Resilience Center is organized as an Information Sharing and Analysis Center, which is a recognized best practice for providing two-way sharing of information on cyber threats to critical infrastructure, Moses Kopmar, a Moody’s Investors Service analyst told the Bond Buyer when the project was first announced.
The port is shoring up its computer network security amid a series of larger challenges.
In the past 18 months, the Port of Los Angeles has experienced record-breaking traffic and dealt with pandemic-driven supply chain issues that backed up ships by the dozen and containers by the thousand.
U.S. Transportation Secretary Pete Buttigieg has visited the port several times to discuss the Biden administration’s efforts to counteract national supply chain issues that resulted in goods shortages, have driven up prices and has been cited as an inflationary factor.
“As long as the pandemic persists, as long as we are making up for decades of past disinvestment, we are going to see impacts on shipping times and shipping cost,” Buttigieg said during a Jan. 11 visit to the Los Angeles and Long Beach twin ports.
In October, President Joe Biden had directed his administration to work with companies and ports on a “90-day sprint” to alleviate bottlenecks. At that time, the Port of Los Angeles shifted to 24/7 service, similar to Port of Long Beach operations that were already on a 24/7 schedule. The twin ports handle 40% of container traffic in the US.
The Biden administration has also implemented a trucker training program to deal with the worker shortage and plans to allocate $230 million in Port Infrastructure Grants.
The administration also worked with the Ports of L.A. and Long Beach to impose a fee on ocean carriers if their cargo sits on docks for more than eight days.
Seroka, in his keynote speech at the Pacific Merchant Shipping Association’s seventh annual “State of the Port” event held virtually on Jan. 20, said the backlog has cleared and he never had to invoke the fee.
The port will benefit from $17 billion earmarked in the Infrastructure and Investment and Jobs Act and California Gov. Gavin Newsom proposed $2.3 billion for the port in his fiscal year 2022-23 budget unveiled Jan. 10.
“We could not have gotten though the most challenging parts of this epidemic without all of you,” said Newsom during the State of the Port event. “California is the gateway to the nation’s economy. We handle over 40% of the nation’s imports.”
Adding to the public drama over goods movement in the Los Angeles basin, recent reports have highlighted an ongoing problem with train robberies, as thieves hit slow-moving or stopped Union Pacific freight trains near its yard east of downtown Los Angeles.
Union Pacific, according to CBS Los Angeles, asked Los Angeles County District Attorney George Gascon for help in a letter that says the railroad has seen an 160% increase in looting along the route in a year’s time.
Newsom visited the Union Pacific tracks in Los Angeles County Jan. 20 for the announcement of a multi-agency effort to clean up the railway and combat theft and hold perpetrators responsible. Newsom had asked the California Department of Transportation to help with clean-up efforts after looters had left goods scattered along the tracks. The governor also asked the California Highway Patrol to work with the railroad’s private investigators to find the perpetrators.
“What has happened on this stretch of the Union Pacific Railroad is unacceptable,” Newsom said. “We are committed to an all-of-government approach to prevent thefts, prosecute the criminals involved and clean up local communities.”
The port has experienced record-breaking traffic levels through most of the pandemic.
Breaking its previous calendar year record by 13%, the port processed about 10.7 million twenty-foot equivalent units during 2021, Seroka said during his keynote speech.
The port received an outlook lift to positive from S&P Global Ratings in June 2021 as the port hit the highest traffic levels in its 115-year history.
S&P rates the port AA. The action affected $665.7 million of bonds, all fixed rate, with no commercial paper draws outstanding, according to the rating agency.
Cargo traffic nosedived in early 2020 amid the global COVID-19 pandemic, but reversed dramatically during the summer, bringing a record number of containers into the port.
“The state of the port is strong despite the national supply chain issues wrought by the pandemic,” said Los Angeles Mayor Eric Garcetti, who also spoke at the port outlook event. He credited Seroka, who he made the city’s chief logistics officer in addition to his role at the port; the Biden administration; and Newsom for keeping goods moving through the port despite congestion that had ships backed up waiting to dock at certain points.
In addition to the new cyber resilience center, Garcetti said the city is creating a Goods Movement Training Campus at the port.
The training center will focus on developing worker skills, as well as up-skilling and re-skilling workers, so they can adapt to the shipping industry’s evolving needs. The center will also train workers in green and zero-emissions technologies.
Newsom included $110 million for the campus in his 2022-23 budget.
“Ports are not just about imports, but being on the leading and cutting edge of workforce development and environmental stewardship,” Newsom said during the State of the Port event.
The community cyber defense solution was created to improve the cybersecurity readiness of the port and enhance its threat-sharing and recovery capabilities among supply chain stakeholders. It was designed through a collaborative process with shipping companies that berth at the port, and will be operated by IBM.
The Board of Harbor Commissioners had approved a $6.8 million, three-year agreement with IBM in December 2020 that included hardware, software and services to design, install, operate and maintain the CRC. The board’s recommendation to select IBM was based on a competitive Request for Proposal process conducted by the port.
In 2014, the port established the nation’s first Port of Los Angeles Cyber Security Operations Center, operated by a dedicated cybersecurity team. Since then, the center has functioned as a centralized location to monitor the port’s own technology environment to prevent and detect cyber incidents. Since 2015, the port has also maintained its ISO 27001 certification for cyber security.
The project that went live Monday connects shipping companies that operate out of the port to the system.
The cyber center provides “enhanced intelligence, better collective knowledge sharing and heightened protection against cyber threats within our supply chain community,” Seroka said.
The system is designed to detect and protect against malicious cyber attacks that could impact cargo flow, and is expected to greatly improve the quality, quantity and speed of cyber information sharing within the port community, according to the port.
The CRC enables stakeholders to automatically share cyber threat indicators and potential defensive measures with each other. It centralizes threat information for the port’s stakeholders.
“The past year has proven the vital role that ports hold to our nation’s critical infrastructure, supply chains and economy, underscoring that it’s paramount we secure this ecosystem,” Christopher McCurdy, general manager, IBM Security Services, said in a statement.