Just as Baltimore Harbor was finally cleared of debris following the March 26 maritime incident with the container ship Dali striking and causing the collapse of the Francis Scott Key Bridge, killing six, another bridge incident just occurred.
On June 5 in Charleston Harbor in South Carolina, a container ship lost throttle control going full speed under the Ravenel Bridge. Thankfully, no one was injured, nor was significant damage sustained. But this near-miss is a reminder that our maritime infrastructure is vulnerable and that often, cyberthreats are overlooked.
The frequency and severity of incidents involving critical infrastructure have noticeably increased, raising alarms about the robustness of our defenses and the thoroughness of our investigative processes.
From power grid failures and transportation system malfunctions to disruptions in water supply and health care services, the stakes have never been higher.
While traditional factors such as aging infrastructure and human error contribute to these incidents, there’s a growing concern that nefarious cyberactivity is also playing a significant role.
The complexity and interconnectivity of modern infrastructure means that the consequences of these incidents are often far-reaching, affecting millions of people and costing billions of dollars in economic losses.
When the Dali incident occurred, Baltimore was the 10th-busiest port in the U.S., and Charleston, the 8th- busiest, could have been shut down, too.
The question that arises is whether these and similar incidents across our nation’s critical infrastructure are merely a coincidence or whether there are deeper, more sinister causes at play, such as the ones alluded to by U.S. government officials in a January hearing before the House Select Committee on Strategic Competition Between the United States and the Chinese Communist Party.
For instance, the Colonial Pipeline ransomware attack in 2021 caused significant fuel-supply disruptions across the eastern United States while highlighting the vulnerability of critical infrastructure to cyberthreats.
We must apply lessons learned and thoroughly investigate cybereffects operations as causes for maritime incidents. Notably, the preliminary National Transportation Safety Board report for the Francis Scott Key Bridge collapse failed to mention whether the possibility of it being a cyberattack was even being investigated.
The near-miss last week at the Arthur Ravenel Jr. Bridge in Charleston underscores the urgency of addressing these multifaceted threats to our critical infrastructure.
To navigate this intricate landscape, it’s crucial that the agencies tasked with investigating maritime incidents—such as the National Transportation Safety Board and the Coast Guard—are not only adequately resourced, but also endowed with the requisite knowledge, authorities, and collaboration to conduct thorough and comprehensive investigations.
Then-President Donald Trump’s 2020 National Maritime Security Plan underscores the importance of implementing priority actions in three key categories: risks and standards, information and intelligence sharing, and creating a maritime cybersecurity workforce.
Effective execution of that plan and President Joe Biden’s Executive Order 14116 aimed at bolstering the cybersecurity of U.S. ports will ensure that investigative agencies have the necessary tools and frameworks to address and mitigate threats in maritime cybersecurity comprehensively.
These investigative agencies need advanced forensics tools to detect, analyze, and accurately attribute cyberattacks with urgency.
In a phone interview, Rob Bair, former National Security Council director for intelligence and cyberpolicy, said, “Time is certainly of the essence when responding to a malicious cyberincident. Forensic evidence may be overwritten or lost with routine or unplanned system changes. Additional variables include the maturity of the victim’s security posture, the type of attack, and the sophistication of the threat actor.”
That highlights the importance of beginning deliberate incident response as soon as an event is detected and acknowledged to preserve critical evidence.
While robust investigation mechanisms are vital, they are only part of the solution. We must also adopt proactive measures to fortify our defenses against cyberthreats. That involves a multifaceted approach that includes investment in cybersecurity infrastructure, workforce development, public-private partnerships, legislative action, and technological innovation.
Policymakers must enact and enforce stringent cybersecurity laws and regulations. That includes establishing minimum cybersecurity standards for critical infrastructure and ensuring that there are consequences for noncompliance.
For its part, the Coast Guard is working through the rulemaking process to establish the minimum cybersecurity requirements for U.S. flagged vessels, outer continental shelf facilities, and U.S. facilities subject to the Maritime Transportation Security Act of 2002.
The alarming rise in maritime incidents is a stark reminder of our vulnerabilities in an increasingly interconnected world. To safeguard our society, it’s imperative that the agencies responsible for investigating these incidents are empowered with the necessary tools, authorities, and workforce to uncover and address potential cyberthreats.
Safeguarding our infrastructure requires accountability and transparency, especially considering the cyberthreats of today and tomorrow. Continuing to absorb the impact of cyberattacks is not a sustainable strategy. The time to act is now.