Thursday, 06 August 2020 | 18:31
View by:

Don’t Rely In Retrospection

Monday, 13 August 2018 | 00:00

Darktrace Industrial’s Andrew Tsonchev explains how artificial intelligence has an important role to play in keeping ports safe.

Ports and harbours are high risk, dynamic environments. Much like a city, new potential risks enter their borders – both physically and virtually – every day. From travellers using a ferry’s public wi-fi, to the unique network-connected operational systems on every ship, the proliferation of new technology across a port’s digital ecosystem is limitless. With no signs of digitisation slowing, hyper-connected, ‘smart’ ports featuring port-wide digital platforms able to automatically navigate ships using real-time data, are becoming a reality.

The intertwining of physical and digital across our ports creates a monumental challenge for the cyber-security teams tasked with their defence. Connecting large-scale industrial machinery, such as oil export pipelines and cranes, to traditional IT in vessel traffic control centres creates an increasingly complex network. Without the means to understand and discover network vulnerabilities, or dedicated security tools for legacy, bespoke industrial systems, ports are exposed to cyber-attackers with numerous opportunities to compromise and disrupt operations.

Successful attacks on the maritime industry demand high levels of specialisation and novelty. This means ports are often contending with well-run, highly resourced criminal groups or nation states rather than lone, experimental hackers.

With the European Union Network and Information Security (NIS) Directive recently introducing security requirements for operators of essential services, cyber security can no longer be an after-thought. This mounting regulatory pressure, combined with potential breaches to commonly used ship-tracking technology hitting the headlines, has led port security teams to seek a security overhaul.

Don’t look back

The traditional approach to cyber defence is inherently retrospective, only providing protection for attacks that have been seen before. Bombarded with novel, bespoke cyber-attacks, security teams are increasingly relying on artificial intelligence to keep their port systems and operations safe. Machine learning systems can provide bespoke, tailored, protection for highly specialised environments, allowing for the detection of targeted attacks against unique industrial systems.

Harwich Haven Authority is a major trust port in the UK, handling 40% of the country’s container traffic and some of the world’s largest ships. The authority is just one of a growing list of maritime organisations acknowledging that human beings alone cannot combat the threat, and deploying AI to bolster their cyber defence.

Analogous to the human immune system, cyber AI uses machine learning to learn the normal ‘pattern of life’ for every device, controller and user on the unique network, including increasingly popular cloud platforms. Using this dynamic understanding, subtle abnormal behaviours can be detected in real time and the AI systems can autonomously defend against unknown threats.

Leveraging this new breed of cyber defence, security teams can catch and immunise the vulnerable IoT across their networks. For example, a port may invest in biometric fingerprint scanners for their staff to enter a high-security control room. Although a forward-thinking safety feature, these sensors are invisible to most legacy security systems and offer a foothold for attackers to gain network entry and leap across the network to hack into shipping operations. However, by deploying autonomous response technology, AI can be used to detect strange connections on any network-connected device, responding in seconds to in-progress attacks. Akin to ‘digital antibodies’ these responses are surgical and proportionate, preventing system downtime which could have severe consequences for international port services.

On the cusp of an era of machine-on-machine attacks, where the bad guys leverage AI to accelerate their infiltration of networks and systems, ports will continue to attract the most sophisticated attacks. Arming port defenders with the right technology will allow them to respond at the same speed and level of complexity as the attackers, and win. This will be critical in the race to secure the technology that is fundamental to the efficiency and effectiveness of the modern port.
Source: Port Strategy

    There are no comments available.
    In order to send the form you have to type the displayed code.