US, Indonesia hold port-focused cybersecurity exercise

The U.S. and Indonesia held their first port-focused cybersecurity tabletop exercise last week in an effort to better prepare for attacks on maritime critical infrastructure.

Convened in Surabaya, Indonesia, from June 10-13, the exercise featured simulations of major cyber incidents and ransomware attacks against port operations, ship-to-shore cranes and other aspects of maritime activity, the U.S. Department of Homeland Security (DHS) said Tuesday.

Private sector companies in Indonesia contributed, DHS said, and the participants discussed ways to mitigate the effects of attacks and further beef up maritime cyber resilience.

DHS, which led the exercise alongside the U.S. State Department and other agencies, did not respond to requests for comment about what specific threats prompted the tabletop exercise.

The Indonesian Ministry of Defense attended alongside representatives from the National Police, National Intelligence Agency and dozens of other government ministries as well as companies involved in port operations and shipping in Indonesia.

The U.S. and Indonesia — a nation of 17,000 islands — have worked more closely in recent years on security issues, signing a “defense cooperation agreement” in 2023. China also has significant influence in the region.

DHS Undersecretary Rob Silvers said the exercise allowed participants  to “stress test cyber incident response plans with Indonesian counterparts, as well as identify areas where we can collaborate more closely to secure the maritime domain from cyber threats.”

“Cyber threats in the maritime environment continue to grow more sophisticated and pernicious,” said Jon Kennedi, Director of the Indonesian Directorate of Sea and Coast Guard. “Confronting these threats requires a comprehensive approach that integrates operational coordination, capacity building, and the sharing of risk information across governments and industry stakeholders.”

After the tabletop exercise, the U.S. Coast Guard held a workshop with Indonesian government officials and companies where they shared policies and best practices related to maritime cyber incident prevention and response.

The workshops discussed President Biden’s February executive order that created new requirements for stronger cyberdefenses and expanded the authorities of the Coast Guard to respond to cybersecurity incidents.

The White House at the time announced more than $20 billion in investments designed to improve port infrastructure over the next five years and remove ship-to-shore cranes built by Chinese companies that have become a source of concern for U.S. officials.

A congressional probe in March found communications equipment in Chinese-built cranes that alarmed investigators who said they had no operational functions.

Those concerns aligned with broader worries about China’s Volt Typhoon campaign — which involved state-backed hackers burrowing deep into U.S. critical infrastructure in an effort to enable disruptive action.

Chinese companies own nearly 80 percent of the cranes that are vital to the operation of U.S. ports because they move supplies in and out of large container ships. The cranes are particularly threatening because they can be operated remotely, officials say.

DHS Secretary Alexander Mayorkas told Congress in 2022 that cyberattacks are one of the most urgent threats facing U.S. ports.

“One of the concerns that we have is the cybersecurity threat to ports. We are increasing the level of technology by which our ports operate and that is why not only Customs and Border Protection have a focus on cybersecurity but so does the United States Coast Guard,” Mayorkas said at the time.

“I would identify, with respect to our ports, cybersecurity, as a significant threat stream and we are of course very focused on defending against it and strengthening our cybersecurity.”

There have been dozens of cyberattacks and ransomware incidents targeting ports over the last three years. Ports across Belgium, the Netherlands, Germany, Portugal, Japan, Australia and in U.S. cities like Houston have all faced attack. Several shipping technology giants have also dealt with cybersecurity incidents that snarled operations for days.

Consul General Jonathan Alan said exercises like the ones held last week “help not only strengthen our technical capabilities but forge invaluable future partnerships and, the United States looks forward to building on these important exchanges.”