Security vs efficiency: smart ports in a post-COVID-19 era

As African ports pursue technological innovation to boost trade, new cybersecurity risks will emerge.

Around 90% of Africa’s trade is seaborne. The World Trade Organization has predicted a decline in consumer spending due to COVID-19 that will decrease international trade by up to 30%. This will have far-reaching effects on export-dependent African economies. However in the wake of COVID-19, ports will become the core of Africa’s economic recovery and growth.

Improving the efficiency and capacity of African ports is a major policy goal for the African Union and the Regional Economic Communities, as well as organisations such as the Port Management Association of Eastern and Southern Africa. In the past, African ports have had to contend with delays and backlogs due to low levels of automation.

Even before the global COVID-19 crisis, ports authorities worldwide were under pressure to increase efficiencies, reduce environmental impacts and enhance their facilities’ security. But the pandemic has now made the effective functioning of ports a matter of national security.

With rapid and more accessible technological advances and innovation has come the development of smart ports. A smart port is one that uses automation and new technologies such as artificial intelligence, big data, internet of things and blockchain to improve its performance.

COVID-19 has now made the effective functioning of ports a matter of national security

The aim is to boost a port’s safety and security, optimise management and allow for better planning. Automation is critical for enhancing the competitiveness and efficiency of a port, with programmed equipment handling day-to-day operations. Examples include cranes, self-driving trucks and pallet sensors.

Big data enables new planning guides and facilitates port logistics through the collection and correlation of information on ship positions as they arrive at or leave the port. Through the internet of things, ports are transformed into maritime information-network hubs. Relevant data about vehicles, ships and cargo movement is collected and used in real time to coordinate with shipping and logistics partners.

Ultimately this will lead to near-complete automation of processes, connected through the internet of things, optimising the costs and time for many operational activities. For example the Port of Rotterdam launched its own internet of things platform to allow port officials to identify the best timing and location for a ship to dock, greatly improving operational efficiency.

South Africa has some of sub-Saharan Africa’s busiest ports. It embarked on a project to modernise its port infrastructure to increase its competitive edge under the smart port concept. The Transnet National Ports Authority chose Durban as a pilot for the new project.

South Africa, Egypt and Kenya’s lack of readiness for a cyberattack on its ports is worrying

There have been some notable advances, such as the establishment of an e-commerce platform, and a database that connects the port systems, surveillance cameras, sensors and tracking tools. Drones are also being used for navigation of ships, monitoring and data gathering.

However, with new innovations come new risks. As ports worldwide pursue competitiveness and efficiency, a smart port poses cybersecurity challenges. Numerous high-profile incidents and cyberattacks in recent years show the vulnerability that higher reliance on technology brings. And such attacks can occur at any point along the supply chain.

The most notable incident occurred in 2017. Maersk, the world’s biggest shipping line, came under a cyberattack by a NotPetya virus, causing massive disruptions to the international supply lines and US$300 million in damages. As a result, the fully automated Rotterdam port terminal shut down for over a week. Other cyberattacks include the targeting of port servers and systems at the Port of Barcelona, and a series of ransomware attacks on the port of San Diego and Long Beach.

Criminals may also try to exploit a port’s critical data to steal high-value cargo or allow illegal trafficking through a targeted attack. In 2013, at one of Antwerp’s port terminals in Belgium, a drug cartel took control of containers’ movement and retrieved data on those containing drugs.

South Africa has an opportunity to set the standard for Africa in responding to port cyber threats

A 2019 report by the European Union Agency for Cybersecurity highlighted the problems ports face in implementing cybersecurity measures. These include a lack of digital culture in the port ecosystem, little awareness and training regarding cybersecurity, difficulty staying current with the latest threats and new risks of digital transformation.

South Africa is at the forefront of this trend and handles the highest amount of cargo in sub-Saharan Africa. But it ranks only 56 out of 175 on the 2018 Global Cybersecurity Index which assesses countries on the level of their cybersecurity commitment. Other African countries with busy ports such as Egypt, Kenya and Nigeria rank 23rd, 44th and 57th respectively.

On the National Cyber Security Index which measures the preparedness of countries to prevent cyber threats and manage cyber incidents, South Africa ranked 99 out of 160 in 2019. Nigeria ranked 45th with Egypt and Kenya 77th and 76th respectively.

South Africa, Egypt and Kenya’s lack of readiness for a cyberattack on its ports is worrying. An attack similar to the Maersk incident on any of these ports would incur huge damages to their national economies.

To prevent and prepare for cyberattacks on African ports, appropriate measures are needed. These include the continuous identification and management of risks and threats related to the port ecosystem. Governments also need to establish practices and processes for information technology and operational technology management.

Mandatory cybersecurity training for system administrators, project managers, developers, security officers, harbour masters and other key personnel must be provided. Measures are also needed to protect all systems – including desktops and servers – from malware or viruses.

Whatever the risks, smart ports are here to stay, and their relevance has increased with the COVID-19 crisis. Ways need to be found to minimise risk and maximise gains. With South Africa at the forefront of this development, the country has an opportunity to set the standard for Africa in responding to these new emerging threats.

Richard Chelin, Researcher, ENACT and Denys Reva, Research Officer, Maritime project, ISS Pretoria

In South Africa, Daily Maverick has exclusive rights to re-publish ISS Today articles. For media based outside South Africa and queries about our re-publishing policy, email us.

Related content