The internet has made it easy for unsavory people to intrude on our lives — from the Russians meddling in U.S. elections to hackers stealing people’s identities. The maritime industry has been relatively lucky so far in avoiding major disruptions to the inland and blue water transportation systems from cyberattacks, and the U.S. government wants to keep it that way.
Uncle Sam has invested millions of dollars over the past few years to train members of the U.S. military in detecting, preventing and responding to cyberattacks. This includes training at the nation’s military academies that produce officers that work in or oversee the maritime industry.
The U.S. Naval Academy is nearing completion of a $106 million Center for Cyber Security Studies in Annapolis, Md., and graduated its first cybersecurity majors with the class of 2016. The academy reports that student interest in this field has increased steadily since then, with a record 110 students declaring a cybersecurity major in the incoming class this fall. After the award of the construction contract last year for the academic building for the center, Naval Academy Academic Dean Andrew Phillips said it represents the academy’s ability to “stay at the forefront of academic excellence and relevance as we develop midshipmen for their future careers in a world where cyberwarfare is certain to be a factor.”
Similarity, the Air Force Academy has created a computer and network security major, while the U.S. Army established a Cyber Warfare Research Institute at West Point in 2014. The Army calls cyberattacks “the new war-fighting domain.”
The Coast Guard Academy is also building up its cyber teaching. For the first time in 20 years, the New London, Conn.-based school is adding a new academic program, and you guessed it, it will be a major in cybersystems. The Coast Guard recently announced the launch with the incoming class of 2022, saying that cyber has become a key operational domain for the agency. This new major is part of the Coast Guard’s broader 2015 cybersecurity plan that aims to defend ports, companies and maritime infrastructure from cyberattacks.
“The world of cyber is inherently multidisciplinary,” said Dr. Kurt Colella, dean of academics at the Coast Guard Academy. He explained that the new academic major will encompass operating systems, policy, law, ethics, information assurance, big data, software design, cryptography and intelligence, including geospatial systems.
“The new cybersystems major will join our other programs in shaping the development of the Coast Guard’s future leaders who must operate and excel in a volatile, uncertain, complex and ambiguous environment,” added academy Superintendent Rear Adm. James E. Rendon.
In addition, the USCGA will open a new 2,000-sq.-ft., $950,000 cyber lab this fall that will house dedicated servers, a working laboratory and a specially-designed classroom. Cadets will also have the opportunity to participate in cyber-related summer internships.
Emphasis on cyber has become a recruiting tool at the academy, enabling the school to attract a new generation that is highly computer literate and motivated to tackle this aspect of national security.
The subject has become so popular that cadets compete in the cyberdefense exercise, a nationwide competition between the federal service academies that is conducted by the National Security Agency. On the maritime side, the Coast Guard Academy, U.S. Merchant Marine Academy and the Naval Academy send students to participate. It’s certainly not as big as the Army-Navy game, but the competition generates significant buzz on campus.
Maritime cybersecurity will likely get a sharper focus at the White House now that Coast Guard Rear Adm. Doug Fears has become the top White House official on cybersecurity. A career Coastie and graduate of the academy, Fears was to head the Coast Guard’s Cyber Command before being tapped to lead the White House Cybersecurity Directorate.
Cyberattacks can take a number of different forms in the maritime sector, such as hacking a ship’s navigation system, data theft, GPS spoofing and jamming, and ghost shipping.
Many say that the maritime industry has been slow to prepare for these threats and lags behind other industries. It wasn’t until 2016 that the International Maritime Organization (IMO), the United Nations unit in charge of global maritime regulations, issued cybersecurity risk management guidelines.
Another problem is the diversity of the industry, with many different classes of vessels that operate in different environments from open ocean to the inland waterways. These ships often carry different computer systems and many of them operate with old and outdated operating systems, which can be vulnerable to cyberattacks. There’s also the element of crew training and the interdependence between security of the onboard and land-based computer systems. This issue was underscored in 2017 when a hacker disabled the IT systems of AP Moller-Maersk, causing cargo delays throughout the entire fleet.
Teaching cybersecurity through the military schools is a very important part of a national strategy against cyberattacks. But those hackers out there are growing increasingly sophisticated and determined to harm the U.S. transportation network. Let’s hope that the curricula at these schools can keep up with them and even develop ways to outsmart them.