USA Banner

Official US Government Icon

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure Site Icon

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

U.S. Department of Transportation U.S. Department of Transportation Icon United States Department of Transportation United States Department of Transportation
MSCI Advisory

2023-002-Worldwide-Maritime Port Vulnerabilities - Foreign Adversarial Technological, Physical, and Cyber Influence

  1. Issue: This Advisory seeks to alert maritime stakeholders of potential vulnerabilities to maritime port equipment, networks, operating systems, software, and infrastructure. Maritime ports, facilities, and infrastructure, worldwide, are vulnerable to physical and cybersecurity exposure through foreign adversarial (defined in the Office of the Director of National Intelligence’s (ODNI) 2022 Annual Threat Assessment – and linked in references) access to port equipment and supply chain information management systems. Specifically, proprietary foreign adversarial companies manufacture, install, and maintain port equipment that pose potential vulnerabilities to global maritime infrastructure information technology (IT) and operational technology (OT) systems. In the last few years, the U.S. Government has published several documents (see paragraph 4 below) illuminating the risks associated with integrating and utilizing LOGINK, NucTech scanners, and foreign port cranes.

  1. Guidance: Potentially impacted maritime industry stakeholders should apply cybersecurity best practices for Access Control (identity and access management), vulnerability mitigation, and configuration management, and should:
    • Posture themselves to increase their cybersecurity and cyber resiliency to respond to and report any incidents that could inhibit the ability to continue operations.
    • Improve their knowledge of how port equipment is integrated into their port network to mitigate potential vulnerabilities.
    • Stress the importance of understanding and knowing who maintains access to the foreign maritime technology throughout their port or facility.
    • Be wary of untrusted network traffic. Treat all traffic transiting your network – especially third-party traffic – as untrusted until it is validated as being legitimate.
    • Ensure infrastructure operational resiliency, regarding system security, as well as the ability to maintain equipment and sourcing for critical parts and upgrades.

  1. Contact Information: Maritime stakeholders who discover a compromise or suspicious activity within the Marine Transportation System (MTS), or OT/IT assets should contact:

    • U.S. Coast Guard National Response Center: 1-800-424-8802
    • Cybersecurity and Infrastructure Security Agency (CISA) Central: 888-282 0870 or
    • FBI’s Cyber Division: 855-292-3937 or

  1. References:

  1. Cancellation: This advisory will automatically expire on August 16, 2023.

For more information about U.S. Maritime Alerts and Advisories, including subscription details, please visit