MPA, maritime sector holds inaugural cybersecurity exercise
Exercise CyberMaritime 2021 puts the sector's cybersecurity readiness to the test.
The Maritime and Port Authority of Singapore (MPA) held an inaugural sector-wide maritime cybersecurity exercise on 26, 29, and 30 November. Codenamed Exercise CyberMaritime 2021, the three-day exercise put the sector's cybersecurity incident management, emergency response plans, and crisis communications to the test.
The exercise was conducted in a hybrid format involving around 90 participants from MPA, port terminal operators PSA Corporation and Jurong Port (JP), and shipping company Pacific International Lines (PIL).
MPA Chairman Niam Chiang Meng will observe the exercise on 30 November, together with MPA CEO Quah Ley Hoon, PSA International regional Southeast Asia CEO Ong Kim Pong, JP CEO Ooi Boon Hoe, and PIL executive director Gan Chee Yen. They will witness the operational responses to the attack scenarios and the exercise outcomes.
"The maritime industry is undergoing rapid digitalisation. It is imperative to better prepare against the threat of cyber-attacks which have become more sophisticated. As the world's busiest transhipment hub and a key node in the global supply chain, the maritime sector in Singapore will be more vulnerable if it is not prepared to deal with such cybersecurity threats. I am glad that the exercise has brought together our partners to test not only our readiness but also enable better coordination in crisis response amongst all stakeholders in the maritime sector should an incident occur," said Niam.
The exercise focuses on the cyber-physical implications of potential cyber-attacks and the increased risks in data theft and loss. The scenarios will cover data leaks, ransomware, web defacement, distributed denial of service or DDoS, supply chain attacks, and compromise of critical maritime and port systems. In the lead-up to the three-day exercise, participants undertook a series of scenario-planning sessions and workshops and updated their incident management and mitigation plans.