Cyber-attack at a major port could cost $1 billion per day

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.gsnmagazine.com/node/39138?c=maritime_port_security

At a time when the nation’s infrastructure faces a growing threat from
cyber-attacks, maritime and homeland security officials say they are making
significant progress in protecting the nation’s ports, which handle more
than 2 billion metric tons of cargo annually and are critical to the global
economy.

“It’s finally picking up speed,” said Randy Parsons, director of security
at the Port of Long Beach, during the Port Security Operations Conference &
Expo held Nov. 19-21 at the Hilton Long Beach & Executive Meeting Center.
“A lot of time and effort have been put into this by the private sector, as
well as the government agencies -- the FBI in particular and the U.S.
Secret Service. I’ve seen a major shift in just the last 12 months.”

Parsons said cyber-attacks pose a growing threat to the nation’s
infrastructure, including its ports.

“All we have to look at is the 6 o’clock news about every night to see some
damage hackers have done around the country,” Parsons observed. “I think
we’ve seen plenty of evidence that the capability exists and that puts a
challenge on all the partners at the port to assess the protections we
have, identify our gaps and then come up with mitigation strategies.”

Doug Albrecht, director of information management at the Port of Long
Beach, said the port blocks about 9 million attacks monthly on its network.
But it only takes one successful intrusion to potentially do damage, he
said.

“There is an annual hackers’ convention in Las Vegas called DEF CON to
break into real companies and real networks,” Albrecht said. “The best tool
they could use is the telephone. They can profile you from LinkedIn,
Twitter and Facebook and when they call you and ask you the question about
your bank account or password, they know a lot of information about you and
you can be easily tricked.”

To combat this threat, port officials teach workers how to recognize these
and other methods hackers use to break into the highly-secure networks of
ports and other critical infrastructure in the nation.

A lot is at stake. A cyber-attack that successfully shuts down the ports of
Los Angeles and Long Beach would cause $1 billion a day in losses to the
national economy, Parsons said.

“The cyber risk has not been adequately addressed in the maritime security
model,” said Michael O’Brien, the port facilities officer at the Port of
Oakland. “That needs to be addressed. I think there is some room to grow
with the cyber-security threat and become more systematic about it.”

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

# OWASP http://www.appsecusa.org
# Builders, Breakers and Defenders
# Time Square, NYC 20-21 Nov
o()xxxx[{::::::::::::::::::::::::::::::::::::::::>

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security offers security intelligence, risk management services and customized security solutions. The 
YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk 
mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.