"SCADA Systems Involved in Many Breaches Suffered by US Ports, Terminals"
Researchers at Jones Walker have published the results of a survey focusing on the cybersecurity preparedness of ports and terminals in the United States. According to Jones Walker's 2022 Ports and Terminals Cybersecurity Survey, there has been a significant increase in cyberattacks targeting this sector, and while a vast majority of the respondents claim they are prepared to handle cyber threats, many have confirmed suffering breaches in the past year. Many respondents (90%) said they were very confident in their overall level of cybersecurity and preparedness to withstand a cyber incident. However, 55% said they had detected an attempt to breach their environment, and 45% admitted suffering some type of breach within the past year. Some of the participants (14%) said the incident resulted in data getting encrypted or becoming inaccessible, and 11% said the breach resulted in data exfiltration. When asked about the types of systems involved in data breaches, 36% named supervisory control and data acquisition (SCADA) systems, and 32% named field device management systems. In addition, SCADA has been named the top "cybersecurity vulnerability" of US ports and terminals. The researchers stated that as volume and traffic to these facilities have seen exponential growth, maritime ports and terminals have also undergone significant changes in digitalization and automation of terminal operating and industrial control systems (ICS). Facilities are increasingly using automated operational technology (OT) systems to augment information technology (IT) and to communicate data, operate equipment, track cargo and containers, and manage commercial operations. The researchers noted that when asked to describe the type or nature of the attack that resulted in their facility's systems getting compromised, RDP was the top response (38%), followed by malware (26%), hacking (24%), social engineering (22%), ransomware (20%), and business email compromise (18%).
SecurityWeek reports: "SCADA Systems Involved in Many Breaches Suffered by US Ports, Terminals"