Don’t rely on retrospection

Port security teams need to increasingly rely on artificial intelligence to keep systems and operations safe. Credit: geralt/Pixabay/CC0 Creative Commons Port security teams need to increasingly rely on artificial intelligence to keep systems and operations safe. Credit: geralt/Pixabay/CC0 Creative Commons

Darktrace Industrial’s Andrew Tsonchev explains how artificial intelligence has an important role to play in keeping ports safe.

Ports and harbours are high risk, dynamic environments. Much like a city, new potential risks enter their borders – both physically and virtually – every day. From travellers using a ferry’s public wi-fi, to the unique network-connected operational systems on every ship, the proliferation of new technology across a port’s digital ecosystem is limitless. With no signs of digitisation slowing, hyper-connected, ‘smart’ ports featuring port-wide digital platforms able to automatically navigate ships using real-time data, are becoming a reality.

The intertwining of physical and digital across our ports creates a monumental challenge for the cyber-security teams tasked with their defence. Connecting large-scale industrial machinery, such as oil export pipelines and cranes, to traditional IT in vessel traffic control centres creates an increasingly complex network. Without the means to understand and discover network vulnerabilities, or dedicated security tools for legacy, bespoke industrial systems, ports are exposed to cyber-attackers with numerous opportunities to compromise and disrupt operations.

Successful attacks on the maritime industry demand high levels of specialisation and novelty. This means ports are often contending with well-run, highly resourced criminal groups or nation states rather than lone, experimental hackers.

With the European Union Network and Information Security (NIS) Directive recently introducing security requirements for operators of essential services, cyber security can no longer be an after-thought. This mounting regulatory pressure, combined with potential breaches to commonly used ship-tracking technology hitting the headlines, has led port security teams to seek a security overhaul.

Don’t look back

The traditional approach to cyber defence is inherently retrospective, only providing protection for attacks that have been seen before. Bombarded with novel, bespoke cyber-attacks, security teams are increasingly relying on artificial intelligence to keep their port systems and operations safe. Machine learning systems can provide bespoke, tailored, protection for highly specialised environments, allowing for the detection of targeted attacks against unique industrial systems.

Harwich Haven Authority is a major trust port in the UK, handling 40% of the country’s container traffic and some of the world’s largest ships. The authority is just one of a growing list of maritime organisations acknowledging that human beings alone cannot combat the threat, and deploying AI to bolster their cyber defence.

Analogous to the human immune system, cyber AI uses machine learning to learn the normal ‘pattern of life’ for every device, controller and user on the unique network, including increasingly popular cloud platforms. Using this dynamic understanding, subtle abnormal behaviours can be detected in real time and the AI systems can autonomously defend against unknown threats.

Leveraging this new breed of cyber defence, security teams can catch and immunise the vulnerable IoT across their networks. For example, a port may invest in biometric fingerprint scanners for their staff to enter a high-security control room. Although a forward-thinking safety feature, these sensors are invisible to most legacy security systems and offer a foothold for attackers to gain network entry and leap across the network to hack into shipping operations. However, by deploying autonomous response technology, AI can be used to detect strange connections on any network-connected device, responding in seconds to in-progress attacks. Akin to ‘digital antibodies’ these responses are surgical and proportionate, preventing system downtime which could have severe consequences for international port services.

On the cusp of an era of machine-on-machine attacks, where the bad guys leverage AI to accelerate their infiltration of networks and systems, ports will continue to attract the most sophisticated attacks. Arming port defenders with the right technology will allow them to respond at the same speed and level of complexity as the attackers, and win. This will be critical in the race to secure the technology that is fundamental to the efficiency and effectiveness of the modern port.

Andrew Tsonchev is director of technology at Darktrace Industrial.


ShibataFenderTeam supports PIANC Young Professionals

As one of the world's leading fender specialist, we consider it our responsibility to do our part fo... Read more


Warrenpoint Port has commissioned a new crane and has commenced the refurbishment of two other crane... Read more

Bigger share of modal split envisaged for inland shipping in the Baltic Sea Region

A vision for inland waterway transport (IWT) in the Baltic Sea Region as well as means to strengthen... Read more

QTerminals reaches new container and cargo handling milestones in record time

Over two million containers and five million tonnes of cargo handled Read more

Bendezu Port Equipment delivered two GOTTWALD HMK 6407 B from BELGIUM to SPAIN

Bendezu Port Equipment GmbH, an international trading company offering second-hand port equipment, h... Read more

View all