The MSOC, housed and operated by ST Engineering at its electronic hub, conducts 24/7 monitoring and correlate data activities across all maritime Critical Information Infrastructure (CII).
“Cyber threats come in many forms and have been rising steadily across the globe. As the world’s busiest transhipment hub, it is important that we safeguard our maritime and port critical infrastructure to prevent a major disruption to port operations and delivery of success,” commented Niam Chiang Meng, chairman of the MPA.
The MSOC, which started operations in November 2018, has been built with the capability to detect and monitor cyber-attacks by analyzing activities in the IT environment, detect anomalies and threats, and respond to the cybersecurity incidents using available technology solutions.
The MPA will work closely with CII to ensure the protection of maritime CIIs and investigate any cybersecurity threat or incident.
“The sophistication of cyber-attacks has risen drastically over the years, with online black markets offering automated attack tool-kits, zero-day vulnerabilities and hacking services, and some may even come with support services and helplines to anyone who is willing to pay,” Niam said.
Back in November 2018, ST Engineering had announced a suite of green maritime engineering solutions which include cybersecurity as well as Smart Autonomous Vessels (USVs) and LNG-powered vessels, among others.
Niam said that besides the MSOC, MPA is also working on three other initiatives.
“First, MPA will build key data linkages between the MSOC and the existing Port Operations Control Centre (POCC) at PSA Vista in order to respond to cyber incidents in a more holistic and timely manner. We will also design an integrated command and control centre of the future when we move to the new Tuas port,” he said.
Singapore’s Tuas mega port is scheduled to commence its first phase of operations in 2021 with two berths for ships. When fully operational from 2040, the port can handle up to 65m teu of containers annually.
Niam added that MPA is collaborating with the Singapore Shipping Association (SSA) and Singapore Polytechnic to develop a new ‘Maritime Cybersecurity (Intermediate) Training Course’ for maritime personnel to enhance their knowledge in managing cyber threats and challenges. The one-day course will be rolled out in the first half of 2020.
“Third, MPA will embark on a Maritime Cybersecurity Research Programme in collaboration with the Singapore Maritime Institute and local institutes of higher learning. This programme will focus on the protection of shipboard systems and prepare bridge-officers to respond effectively to a cybersecurity breach,” Niam said.
Meanwhile, MPA is building on the existing Port Authorities Roundtable initiative, as well as with other partner networks, an information-sharing network with other port authorities.
“During the NotPetya ransomware global outbreak in 2017, MPA received an early alert from the Port of Rotterdam informing us that a ransomware attack had hit APM terminals globally. This heads-up of an additional two to three hours had allowed us to inform key stakeholders in advance to heighten their cybersecurity postures and ready their internal resources to mitigate threats and respond to incidents,” Niam said.