Biden's government mandates an executive order focused on enhancing cybersecurity measures at sea ports
In an era of heightened tension over nation-state threats to critical infrastructure, the Biden administration has issued an executive order to bolster cybersecurity at U.S. port facilities. This move comes amidst concerns about the potential risks to port facilities and the stability of the global supply chain.
The executive order, issued recently, focuses on several key areas. One of the goals is to create safe and secure cranes operating at port facilities. However, it's important to note that the order does not specifically mention Chinese-manufactured ship-to-shore cranes in the context of its cybersecurity measures.
The order requires prompt reporting of cyber threats and incidents involving vessels, harbours, ports, or waterfront facilities. This is a crucial step towards maintaining the cybersecurity of the maritime transport sector, which is vital for military mobility and economic productivity, as emphasised by Mark Montgomery, a retired rear admiral and senior director of FDD's Center on Cyber and Technology Innovation.
The U.S. Coast Guard will have the authority to respond to malicious cyber activity in the marine transportation system. In line with this, the Coast Guard has issued a Notice of Proposed Rulemaking that will include minimum standards for port cybersecurity.
Approximately 80% of ship-to-shore cranes at U.S. ports are manufactured by China, posing a serious cyber risk as they can be controlled, serviced, and programmed from remote sites. While the executive order does not directly address the use or security risks of Chinese-made cranes, the Biden administration's broader focus on cybersecurity includes measures to strengthen the security of critical infrastructure, such as ports.
The Biden administration's cybersecurity measures, as reflected in its previous executive orders, have focused on strengthening U.S. cybersecurity through innovation, AI integration, and sanctions targeting foreign cyber threat actors. However, recent executive orders by the Trump administration in 2025 have amended and revised many of Biden's initiatives, narrowing the scope of cyber threat actors to "foreign persons" and shifting AI policy to emphasize private sector innovation and AI adoption within federal agencies.
The U.S. government has sanctioned Chinese cyber firms due to nation-state hacking concerns, showing ongoing concerns about nation-state cyber threats from China. This underscores the administration's commitment to addressing cybersecurity threats from foreign actors, albeit not specifically in the context of port facilities or cranes.
The Biden administration plans to invest more than $20 billion into port infrastructure over five years. This significant investment reflects the administration's recognition of the importance of port operations to the country, economy, and national security. According to Anne Neuberger, deputy national security advisor for cybersecurity and emerging technology, America's ports employ 31 million Americans and contribute $5.4 trillion to the economy.
Experts from the Foundation for Defense of Democracies have testified before Congress and issued reports about the risks posed by weak security at the nation's port facilities. As the cybersecurity landscape continues to evolve, it is expected that the Biden administration will continue to take proactive measures to protect U.S. port facilities and critical infrastructure.
- The executive order aims to secure cranes at port facilities, although it does not single out Chinese-manufactured ones in its cybersecurity measures.
- The U.S. Coast Guard is authorized to respond to malicious cyber activity in the marine transportation system, which includes port facilities.
- Reporting of cyber threats and incidents in vessels, harbors, ports, or waterfront facilities is required under the newly issued executive order.
- The Biden administration's efforts to boost cybersecurity extend beyond port facilities, as seen in its previous executive orders focusing on AI integration, innovation, and foreign cyber threat actors.
- Experts have highlighted the risks posed by weak security at U.S. port facilities, emphasizing the need for continued proactive measures to protect these facilities and critical infrastructure.
