Strengthening Cybersecurity Information Sharing and Coordination in Our Ports Act of 2015by Representative Sheila Jackson Lee
Posted on 2015-12-16
JACKSON LEE. Mr. Speaker, I speak in support of H.R. 3878, the
Strengthening Cybersecurity Information Sharing and Coordination in Our
I thank Chairman McCaul and Ranking Member Thompson for their bipartisan work and stewardship of the Committee on Homeland Security's work, which includes H.R. 3878.
Congresswoman Torres should be commended for her hard work that led to the introduction of the Strengthening Cybersecurity Information Sharing and Coordination in Our Ports Act.
H.R. 3878, requires the Department of Homeland Security (DHS) to seek to enhance cybersecurity situational awareness and information sharing between maritime security stakeholders, the maritime industry, port owners and operators, which include maritime terminal owners and operators.
This bill requires DHS to: consult with the Coast Guard to enhance participation by the Maritime Information Sharing and Analysis Center in the National Cybersecurity and Communications Integration Center; and request that the National Maritime Security Advisory Committee report and make recommendations to DHS on methods to enhance cybersecurity and information sharing between stakeholders.
The bill also assures DHS leadership in port security by requiring the agency's maritime security risk assessments to include cybersecurity risks to ports and the maritime border of the United States.
Ports serve as America's gateway to the global economy. The nation's economic prosperity rests on the ability of containerized and bulk cargo arriving unimpeded at U.S. ports to support the rapid delivery system that underpins the manufacturing and retail sectors.
My service in the House of Representatives has focused on making sure that our nation is secure and prosperous.
A central component of national security is the ability of our International Ports to move goods into and out of the country.
The Port of Houston is critical infrastructure: According to the Department of Commerce in 2012, Texas exports totaled $265 billion.
The Port of Houston is a 25-mile-long complex of diversified public and private facilities located just a few hours' sailing time from the Gulf of Mexico.
In 2012 ship channel-related businesses contributed 1,026,820 jobs and generated more than $178.5 billion in statewide economic impact.
In 2014, the Port of Houston was ranked among U.S. ports as the 1st in foreign tonnage; largest Texas port with 46 percent of market share by tonnage and 95 percent market share in containers by total TEUS in 2014; largest Gulf Coast container port, handling 67 percent of U.S. Gulf Coast container traffic in 2014; and 2nd ranked U.S. port in terms of total foreign cargo value.
The Government Accountability Office (GAO), reports that this port, and its waterways, and vessels are part of an economic engine handling more than $700 billion in merchandise annually.
A Maritime Cyber-RISKS report published in 2014 outlined examples of cybersecurity vulnerabilities that are specific to ports.
The Cyberattacks examined included: Theft of money by deceiving a company into transferring large amounts of funds to a bank account owned by criminals; In 2013, the FBI issued a warning to maritime companies warning them of a fraud committed against several companies using a man-in-the- middle cyberattack that resulted in $1.65 million in losses.
In this attack an impersonation occurs when the email address of a trusted party is co-opted or taken over by an unknown 3rd party.
The trusted 3rd party makes a request to change banking information that should be used to provide payment for legitimate services provided an established business relationship.
The legitimate business is not aware of the request to change bank payment information.
When the payment is sent, thieves receive it and quickly close the account so that the funds cannot be retrieved.
Another malicious attack that does not involve theft of funds can occur if the location of cargo information is deleted by a cyber- attacker.
According to CyberKeel this type of attack happened to a shipping company in 2011.
In this attack data related to rates, loading, cargo number, date and place were corrupted.
This cyberattack meant that no one at the port could identify where containers were, whether they loaded, nor identify which containers were on ships.
Cyberattack that targeted technology used by companies who are taking receipt of cargo at port locations.
The Firmware software code on handheld scanning technology that reads barcodes on containers was corrupted by malware.
When the scanners were plugged into the company's network the corrupted code started a series of automated cyberattacks that searched the company's network for financial information.
After finding the information, a connection was established with a computer in China.
Cyberattack at the Port of Antwerp was run by a drug smuggling ring.
In this attack the cyber criminals were able to gain control of the port terminal system that allowed them to release containers to their own trucks without the knowledge of port authorities.
This attack is particularly chilling when considering our efforts to protect against weapons of mass destruction in the form of biological, nuclear and chemical weapons from being brought into the country undetected.
This type of attack also has implications for persons entering the country undetected.
The same attack carried out against port worker automated identification systems would open the door on a host of domestic security issues.
Our nation has thousands of miles of coastlines, lakes, and rivers and hundreds of ports that provide opportunities for legitimate travel, trade, and recreation.
At the same time, these waterways offer opportunities for terrorists and their instruments, and drug smugglers to enter our country.
Cybersecurity at ports must be national priority, for this reason, I ask my colleagues to join me in voting in favor of H.R. 3878.
The SPEAKER pro tempore (Mr. Donovan). The question is on the motion offered by the gentlewoman from Michigan (Mrs. Miller) that the House suspend the rules and pass the bill, H.R. 3878, as amended.
The question was taken; and (two-thirds being in the affirmative) the rules were suspended and the bill, as amended, was passed.
A motion to reconsider was laid on the table.