The Cybersecurity and Infrastructure Security Agency has been urged by cybersecurity experts part of the Cyberspace Solarium 2.0 initiative to establish a maritime operational technology supply chain testing program similar to the Cyber Testing for Resilient Industrial Control Systems of the Energy Department in a bid to better gauge maritime equipment cybersecurity amid growing cyber threats against U.S. ports and other shipping infrastructure in Europe, according to FedScoop.
"The program can begin by testing for cybersecurity vulnerabilities in foreign-manufactured cranes in U.S. ports as mandated by the National Defense Authorization Act (NDAA) of the fiscal year 2023 and then expand into broader, systemically important maritime OT," said researchers Jiwon Ma of the Foundation for the Defense of Democracys Center on Cyber and Technology, and Will Loomis of the Atlantic Councils Cyber Statecraft Initiative.
Moreover, the Department of Homeland Security was also called on to seek additional funding for the Coast Guard's Sector Risk Management Agency duties, with the Coast Guard also urged not only to create cyber education and workforce programs but also join grant programs that would help address cybersecurity risks in the maritime industry.
Twenty-five percent of operational technology organizations in the U.S., and other parts of the world have evaded data breaches this year, compared with only 6% in 2022, mostly due to the 17% decline in insider breaches from 2022 to 2023, reports SecurityWeek.
Several U.S. defense and government organizations have been targeted by state-backed Chinese hacking group Bronze Silhouette, also known as Volt Typhoon, for military intelligence over a period of at least two years, according to The Record, a news site by cybersecurity firm Recorded Future.