Spring 2025 Proceedings, p. 47

Protecting the Fleet’s Operational Technology

Platform cybersecurity research

by Robert Coburn
General Engineer
Research and Development Center
U.S. Coast Guard

Onboard cutter control systems represent a unique risk for cyberattacks in that they directly affect physical processes, meaning that anything that impacts the system can also impact real-world activity. The term “operational technology” (OT) has been used to identify these systems as separate from information technology (IT), and in fact OT systems have often been physically separated from IT. With local networks of purpose-built devices communicating via protocols customized to fit specific applications, OT has long existed entirely apart from traditional IT infrastructure.

Research and development of the cybersecurity aspects of OT systems is squarely in the Coast Guard Research and Development Center’s (RDC) wheelhouse, as the command works with entities within the service to protect the fleet.

This physical separation limits exposure to local connections only, shifting the focus of security towards physical access, for example, those who can put their hands on the system. Any cyberattack on isolated OT would be expected to take a back seat, in terms of impact, to the physical attack required to gain access to the system in the first place. There are much simpler ways for attackers to significantly affect operations if they can take control of real space.

This makes defense against insider threats a top priority for isolated OT, as the credentials needed for system access may not extend beyond those required to physically reach the system if cybersecurity posture has not been specifically considered. Insider threat damage does not even have to be intentional—poor cyber hygiene can be equally devastating. This holds especially true for maintenance vendors and suppliers, who are specifically expected to interact with the system.

As an example, consider the Pro Network Entities operation which ran for more than nine years between 2013 and 2022. Tens of thousands of what appeared to be “new, genuine, and high-quality devices manufactured and authorized by Cisco”1 were in fact “low quality, modified computer networking devices with counterfeit Cisco labels, stickers, boxes, documentation, and packaging.”2 Per a press release from the court case, these devices ended up in hospitals, schools, government agencies, and the military,3 emphasizing the critical importance of thorough configuration management, as even isolated systems can still be reached through the supply chain.

Traditionally, OT systems on maritime vessels have been air-gapped, existing independently with no methods of connection to any external networks. Underway connectivity has historically been less than guaranteed, and the costs of remote access to control systems at sea have tended to outweigh the benefits. This is not necessarily true in today’s landscape. The increased availability of satellite services and a focus on data-driven decision-making is driving the integration of OT access through remote IT systems, commonly referred to as IT/OT convergence, beyond land-based infrastructure to a truly global scale.

With increased use of autonomous shipping, offshore platforms, and cargo facilities,4 as mentioned in the 2021 Coast Guard Cyber Strategic Outlook, the Marine Transportation System (MTS) is a prime example of IT/OT convergence. The additional connectivity required to support this evolution also represents new potential attack pathways, which can be seen in many publicly reported incidents.5

“Without a question, protecting the Marine Transportation System from cyber threats is a shared responsibility requiring both government and industry participation,” said Coast Guard CAPT Andy Meyers, chief of the Office of Port and Facility Compliance.

The MTS is made up of 25,000 miles of coastal and inland waterways serving 261 ports, over 124 shipyards, over 3,500 maritime facilities, 20,000 bridges, 50,000 federal aids to navigation, and 95,000 miles of shoreline.6 The Coast Guard has a duty to protect the MTS as part of its ports, waterways, and coastal security mission,