Cyber-Attacks on Port of LA Double
One of the world’s busiest ports has seen an extraordinary increase in cyber-attacks since the start of the pandemic, according to a new report.
Gene Seroka, executive director at the Port of Los Angeles, told the BBC World Service over the weekend that the facility is being bombarded with around 40 million attacks each month.
“Our intelligence shows the threats are coming from Russia and parts of Europe. We have to stay steps ahead of those who want to hurt international commerce,” he told the service.
“We must take every precaution against potential cyber-incidents, particularly those that could threaten or disrupt the flow of cargo.”
Ransomware, malware, spear phishing and credential harvesting attacks are apparently among the threats being targeted at the facility, which is the busiest port in the western hemisphere.
The aim in many cases appears to be to cause disruption to the US economy, although profiteering from extortion and data theft will also be a driver.
If not properly managed, such threats could make COVID-era supply chain snarls even worse. Seroka claimed that blockages at the port won’t clear fully until next year, although the number of container ships waiting more than two days to unload has apparently dropped from 109 in January to 20 today.
“The past two years have proven the vital role that ports hold to our nation’s critical infrastructure, supply chains and economy. It’s paramount we keep the systems as secure as possible,” Seroka said.
The challenge is so acute that the port developed one of the world’s first Cyber Resilience Centres, in partnership with the FBI. It provides a centralized location to receive, analyze and share threat intelligence with port stakeholders such as shipping companies.
Such is their strategic importance to global trade that ports have become a popular target for cyber-criminals, especially those looking to sabotage operations and extort organizations.
In late December last year, the US Coast Guard warned of a ransomware attack on an unnamed facility, disrupting operations for over 30 hours.
Then in February, oil terminals at some of Europe’s biggest ports were taken out by ransomware.