In view of increasing digitisation, protection against cybercrime is becoming more and more important in ports. As part of the joint project “SecProPort”, a comprehensive IT security architecture is currently being developed for this purpose.
photos: Karin Steffen-Witt, iStock/Steffen_F
The following horror scenario must be prevented: the port infrastructure breaks down for a longer period of time due to sabotage by hackers. This leads to supply bottlenecks in industry and among the population. The fact that this danger is real is shown by the increasing attacks on all industries with ever greater economic impact. The German economy alone suffers total annual damage of 223 billion euros due to theft, espionage and sabotage of data. This was the result of a representative study by Bitkom, Germany’s digital association, published at the beginning of August. Operators of critical infrastructures see themselves particularly threatened: 52 per cent expect a strong increase in attacks on their company.
Sea and inland ports are also particularly vulnerable because they are increasingly networked and work more with electronically available information. This is because all actors involved in port transport, such as terminal operators, shipowners and freight forwarders, as well as the operators of port IT, railways, port authorities and customs, are networked in a complex port communication network (HKV) and exchange information with each other. Accordingly, it is becoming increasingly important to protect all participants with their respective applications as well as the entire network against cyberattacks, as they communicate directly with each other via the “Port Community System.”
Protect all in the port communication network
If, for example, an attacker were to succeed in becoming a participant in the network – either by attacking the IT system of one of the members or as an internal perpetrator – they could then try to import manipulated messages into the overall system. These would look correct at first glance and would therefore be processed further. “So even if the individ-ual systems of the port members are secured according to state-of-the-art technology, this does not automatically mean that the entire port communication network is secure in its interaction – and this against the background that IT attacks will become more and more sophisticated in the future,” emphasised Karin Steffen-Witt, site manager for the IT service provider dbh Logistics and project manager in Lübeck.
The aim of the “SecProPort” joint project, which was funded by the BMVI in November 2018 as part of the “Innovative Port Technologies” (IHATEC) programme for a period of three years, is to create a security architecture for the various workflows, so that the overall system remains functional at all times, even in the event of an attack. “To do this, we first spent roughly a year analysing the complex communication structures in detail.” This included the processes, the identification of hazards, the IT landscape, the need for protection and the risks, as well as a legal opinion with the requirements of the HKV. “The result was huge wallpaper-like diagrams,” added Steffen-Witt. The project manager sees personal data and information on dangerous goods and customs clearance as potentially at risk, for example. “There are always three aspects involved – confidentiality, availability and authenticity.”
After all, it is equally risky if the person in question does not receive a message or if information reaches further recipients beyond one address data. The eight project partners – dbh Logistics, BLG LOGISTICS Group, Datenschutz Cert, German Research Centre for Artificial Intelligence, Duisburger Hafen, Hapag-Lloyd, ISL Institute of Shipping Economics and Logistics and the University of Bremen, as well as the associated partners bremenports, EUROGATE, Niedersachsen Ports and JadeWeserPort – are interested in how security can be increased in the existing IT structures.
“We initially spent about a year analysing the complex communication structures in detail.”
Karin Steffen-Witt, Project Leader and Site Manager Lübeck, dbh Logistics
Entire system must resist attacks
The project is subdivided into work packages, four of which are currently being worked on. For example, a demonstrator is being used to simulate interventions in the communication that has been running up to now during normal operation. “This data is then processed without intervening in individ-ual software systems,” explained Steffen-Witt. “The requirements for the applications of the individual port stakeholders are then derived from the improved security architecture, and migration plans are developed,” said the project manager. “Ultimately, the intention is to implement security architecture at individual application partners to prove its practical relevance.” The goal is to incorporate the project results into an industry-specific standard for information security in German ports.
Steffen-Witt describes this innovative joint project as follows: “Normally, every IT department works by itself. However, not every company protects itself in the same way. Here, all participants are now working together to achieve better resilience against cyberattacks for all partners in the communications network.” The solution developed can be transferred to other communication networks, for example in other ports. However, cooperation in pandemic times would need to be re-established. “We had actually planned a big meeting with workshops in Duisburg,” the project man-ager recalled. “Instead, we completely changed our way of working, formed smaller groups and met virtually.” In the meantime, this method works very well. Another challenge – even in “normal” times – is experts and scientists exchanging information: “They are definitely different worlds and vocabularies that meet up here. Since everyone wants to have a good working relationship, that has also worked out well in the meantime.” (cb)