Cybersecurity Threats in Port Logistics Systems and Stowage Plans

Container ports are strategic nodes in the global economy and military logistics, with approximately 80% of global trade transported via maritime routes, according to the United Nations Conference on Trade and Development (UNCTAD). Disruptions in port operations can have serious economic consequences, severely impacting supply chains and daily life. A remarkable example is the block of six days of the Suez Canal in 2021 by a Maersk vessel, which caused global logistical disruptions resulting in financial losses estimated between 15 and 17 thousand of millions of dollars. Additionally, the stability of cargo ships is highly dependent on container placement, and improper loading can result in cargo losses, evaluated around 28 thousand dollars per container, or in extreme cases capsizing, thereby endangering lives of onboard operators. Therefore, the maritime sector has adopted several technologies, such as ad-hoc software and Internet of Things (IoT) devices, to improve operational efficiency and safety. However, the widespread use of these tools has significantly expanded the attack surface for malicious actors and, for this reason, government authorities have raised serious concerns about potential cyber incidents. For example, over 80% of the cranes operating in American ports are manufactured by a Chinese military company that reduced cybersecurity funding in recent years, making the cranes highly vulnerable to cyber attacks. Despite the importance of security in logistics port operations, no prior studies have thoroughly investigated the implications of tampering with stowage plans and cargo details. The contribution of this thesis extends beyond the technical exposition of recent cyberattacks and incidents against ports, but we are the first to analyse this context and propose comprehensive threat models targeting the manipulation of stowage plans, along with the identification of potential attack vectors within port logistic workflows. In addition, we propose an implementation of malicious software that, starting from a legitimate stowage plan, can generate a dangerous permutation of container placements. This program is designed to alter only non-visible stability parameters, making detection via visual inspection extremely difficult. The resulting stowage plans significantly reduce the vessel's righting moment and increase the likelihood of maritime incidents. Using a commercial vessel stability simulator, we successfully violated 4 of 6 seaworthiness constraints mandated by the International Maritime Organization (IMO), drastically reducing the ability of the vessel to restore to its upright position during heeling caused by external forces. Finally, we propose advanced countermeasures based on recent studies on the authenticity and integrity of data, to avoid tampering with stowage plans and cargo details within the port ecosystem.