Don’t rely on retrospection

Port security teams need to increasingly rely on artificial intelligence to keep systems and operations safe. Credit: geralt/Pixabay/CC0 Creative Commons Port security teams need to increasingly rely on artificial intelligence to keep systems and operations safe. Credit: geralt/Pixabay/CC0 Creative Commons

Darktrace Industrial’s Andrew Tsonchev explains how artificial intelligence has an important role to play in keeping ports safe.

Ports and harbours are high risk, dynamic environments. Much like a city, new potential risks enter their borders – both physically and virtually – every day. From travellers using a ferry’s public wi-fi, to the unique network-connected operational systems on every ship, the proliferation of new technology across a port’s digital ecosystem is limitless. With no signs of digitisation slowing, hyper-connected, ‘smart’ ports featuring port-wide digital platforms able to automatically navigate ships using real-time data, are becoming a reality.

The intertwining of physical and digital across our ports creates a monumental challenge for the cyber-security teams tasked with their defence. Connecting large-scale industrial machinery, such as oil export pipelines and cranes, to traditional IT in vessel traffic control centres creates an increasingly complex network. Without the means to understand and discover network vulnerabilities, or dedicated security tools for legacy, bespoke industrial systems, ports are exposed to cyber-attackers with numerous opportunities to compromise and disrupt operations.

Successful attacks on the maritime industry demand high levels of specialisation and novelty. This means ports are often contending with well-run, highly resourced criminal groups or nation states rather than lone, experimental hackers.

With the European Union Network and Information Security (NIS) Directive recently introducing security requirements for operators of essential services, cyber security can no longer be an after-thought. This mounting regulatory pressure, combined with potential breaches to commonly used ship-tracking technology hitting the headlines, has led port security teams to seek a security overhaul.

Don’t look back

The traditional approach to cyber defence is inherently retrospective, only providing protection for attacks that have been seen before. Bombarded with novel, bespoke cyber-attacks, security teams are increasingly relying on artificial intelligence to keep their port systems and operations safe. Machine learning systems can provide bespoke, tailored, protection for highly specialised environments, allowing for the detection of targeted attacks against unique industrial systems.

Harwich Haven Authority is a major trust port in the UK, handling 40% of the country’s container traffic and some of the world’s largest ships. The authority is just one of a growing list of maritime organisations acknowledging that human beings alone cannot combat the threat, and deploying AI to bolster their cyber defence.

Analogous to the human immune system, cyber AI uses machine learning to learn the normal ‘pattern of life’ for every device, controller and user on the unique network, including increasingly popular cloud platforms. Using this dynamic understanding, subtle abnormal behaviours can be detected in real time and the AI systems can autonomously defend against unknown threats.

Leveraging this new breed of cyber defence, security teams can catch and immunise the vulnerable IoT across their networks. For example, a port may invest in biometric fingerprint scanners for their staff to enter a high-security control room. Although a forward-thinking safety feature, these sensors are invisible to most legacy security systems and offer a foothold for attackers to gain network entry and leap across the network to hack into shipping operations. However, by deploying autonomous response technology, AI can be used to detect strange connections on any network-connected device, responding in seconds to in-progress attacks. Akin to ‘digital antibodies’ these responses are surgical and proportionate, preventing system downtime which could have severe consequences for international port services.

On the cusp of an era of machine-on-machine attacks, where the bad guys leverage AI to accelerate their infiltration of networks and systems, ports will continue to attract the most sophisticated attacks. Arming port defenders with the right technology will allow them to respond at the same speed and level of complexity as the attackers, and win. This will be critical in the race to secure the technology that is fundamental to the efficiency and effectiveness of the modern port.

Andrew Tsonchev is director of technology at Darktrace Industrial.


SOHAR Port and Freezone Launches SOHAR Navigate

The innovative online route planner contains deep-sea and short-sea schedules connecting to 550 port... Read more

Solvo.TOS a Key Ingredient in Angola’s Plans to Grow Its Economy

Solvo.TOS has been chosen by Sogester S.A. (APMT and GF Sociedade Gestore de Terminais, SA) to moder... Read more

SANY Port Machinery launches the new efficient Reach Stacker H9 in Europe

Sany well understood the customers’ need to improve cost. In 2018 SANY introduced the new Reach Stac... Read more


Bromma has been selected to deliver the spreaders for the automatic stacking cranes to be commission... Read more

Kalmar's automated and manual straddle carriers selected by Patrick Terminals for fleet renewal programme

Kalmar's automated and manual straddle carriers selected by Patrick Terminals for fleet renewal prog... Read more


Hyster Europe has launched a new top lift Laden Container Handler that is expected to increase produ... Read more

View all