Idaho National Laboratory (INL) is one of the national laboratories of the United States Department of Energy. In this webinar, Marco Ayala, Director at ICS Cybersecurity, and Andy Bochman, Senior Grid Strategist at Idaho National Laboratory, and Homeland Security share their expertise on proactive approaches to securing maritime ports, terminals, and offshore platforms.
In today’s technological golden age, the rapid development of advanced technology has pushed maritime further than ever before, but it would be naive to ignore the ripe opportunity these innovations present for advanced hackers to infiltrate. Andy Bochman states, “because you’re a critical infrastructure — when you’re targeted, you will be compromised.” Perimeter defenses such as firewalls, VPNs, intrusion detection systems, and employee training need to be optimal; however, high-level hackers are highly likely to pass through these systems.
Determining the likelihood of a breach is done using a multitude of methods including the use of empirical data and statistical analysis. Although there are many ways to determine likelihood of breach, oftentimes the data only covers one sector of a facility instead of taking an integrated approach to the entire technological infrastructure of the organization. Misunderstanding the full spectrum of each sector and its cybersecurity can lead to miscalculation.
Consequence-driven Cyber-informed Engineering (CCE) is a methodology developed by INL focused on securing the nation’s critical infrastructure systems. In his book, Countering Cyber Sabotage: Introducing Consequence-driven Cyber-informed Engineering (CCE), Bochman explains the overarching categories that define CCE:
Consequence-driven leads: Executives and operational experts must run through a series of exercises to identify the most critical functions essential to fulfilling their organization’s mission and determine the potential consequences of a cyberattack against these functions.
Cyber-informed guides: System operators must identify key points within a critical system that are vulnerable to a cyberattack.
Engineering: Organizations must apply proven engineering principles to automated systems and have human involvement in critical digital areas.
As a vital medium for commerce and entrance into the U.S., maritime transportation systems are huge targets and are expected to experience an increase in cyber breach attempts.
The CCE methodology lessens potential attacks through a 4-step process.
Step 1: Consequence prioritization
Step 2: Systems-of-systems analysis
Step 3: Consequence-based targeting
Step 4: Mitigations and protections
Recently, the Port of Houston was a target of a suspected nation-state hack. Due to timely response and actions, business operations were not impacted. If the compromise had not been detected before a critical point, the attacker could have had unrestricted remote access to the network, opening up options that could have severely impacted port operations.
The CCE method proactively provides critical infrastructure owners, operators, vendors, and manufacturers with a robust approach to risk mitigation. By determining the most critical functions, identifying methods an adversary could use to compromise those functions, evaluating complex systems, and applying proven engineering, protection, and mitigation strategies, stakeholders can isolate and protect their most critical assets from advanced adversaries.
In the lead up to the 2022 Port of the Future Conference, the University of Houston is hosting a series of monthly webinars.