Innovative technologies are transforming commercial shipping through the development of smart ports. These are without doubt the ports of the future—they will revolutionize the maritime industry through increased efficiency in shipping and pier-side services. But smart ports pose numerous threats to maritime security and the Maritime Transportation System, while the technologies that make them possible also introduce new operational and strategic challenges to Naval and Coast Guard Intelligence.1 These concerns deserve far more scrutiny and discussion than they have received.
What Is a Smart Port?
A smart port uses emerging technologies to improve performance and optimize operations.2 These technologies include the Internet of Things, big data, virtual reality, edge computing, robotics, autonomous vehicles, and artificial intelligence (AI).3 When they combine to form an interconnected ecosystem with a supporting framework and infrastructure, the modern port of the past half-century becomes a smart port.4
Smart ports offer numerous advantages. Data-driven technologies make decisions, improving productivity and digitalizing the maritime environment. By anticipating maintenance tasks and mitigating human error, smart ports are arguably safer than other kinds, but the technologies incorporated in them create new vulnerabilities. Each new weakness is an opportunity for nefarious state and nonstate actors to ransom commercial enterprises, interrupt military operations, and harm U.S. Navy and Coast Guard assets and personnel.
The Chinese Smart Port Threat: A Counterintelligence Nightmare
The proliferation of Chinese technology throughout smart ports, including U.S. seaports, should be at the forefront of Naval and Coast Guard Intelligence and counterintelligence awareness and activities. Chinese companies own or operate 100 ports in 60 countries. Their technology populates international ports, further extending China’s reach. Consider crane technology built by Shanghai Zhenhua Heavy Industries Company Limited (ZPMC). This company’s cranes possess sophisticated sensors and account for 80 percent of cranes in U.S. ports, including in 10 U.S. strategic seaports. This presence may provide China with significant visibility into supply chains, indications and warning of U.S. vessel deployments, and unrestricted access to the digital infrastructure of port operations. Some national security and Pentagon officials have compared ZPMC ship-to-shore cranes to a Trojan Horse that gives Beijing a possible spying tool that hides in plain sight. China also is dominant in logistics management systems, thanks to the National Transportation and Logistics Public Information Platform (LOGINK).
U.S. Navy and Coast Guard assets must be secure in their homeports and at ports abroad. The presence of ZPMC and LOGINK requires additional intelligence collection and analysis. The services’ collection managers must prioritize efforts to fully understand this threat vector.
Fortunately, the increased Chinese presence in U.S. ports has received the attention of U.S. lawmakers. In March 2023, Rep. Michelle Steel (R-CA) and Sen. Tom Cotton (R-AR) introduced draft legislation in the Securing Maritime Data from Communist China Act that calls for the ban of “the free, Chinese state-owned logistics platform LOGINK from being used by U.S. military or commercial interests at ports at home or abroad.” In February 2024, the Biden administration issued an executive order that bolsters the security of the nation’s ports, alongside a series of additional actions that strengthens maritime cybersecurity and fortifies U.S. maritime supply chains. Then, in May, U.S. Senate Intelligence Committee members Bob Casey (D-PA) and Mark Kelly (D-AZ) introduced legislation to protect American port infrastructure from Chinese cybersecurity threats—including the threat of espionage— through the Secure Smartports Act. This act would require the National Counterintelligence and Security Center to develop and implement a plan to help companies and port systems manage the risks of using Chinese technology that could give Beijing an opening to spy on and potentially take control of U.S. critical infrastructure and supply chains.
The threat posed by Chinese technology also extends into foreign smart ports where U.S. Navy ships and Coast Guard cutters visit and where Military Sealift Command and commercial ships carry military cargo. It has never been more critical to identify who owns a port, who operates it, what commercial entity is providing the telecommunications line, and what sensors, receivers, and transmitters serve the facility. It is not farfetched to imagine a Chinese-owned or -operated smart port using infrastructure to scrape data from wireless devices and unsecured communications along piers and berths where U.S. warships moor and personnel connect to contact their friends and loved ones. As the crew debarks from their ship, Chinese sensors could scrape data from WiFi- or 5G-connected devices. This would be turned over to Chinese cyber actors to identify personal vulnerabilities and develop individualized plans to target crewmembers that fill specific roles of foreign-intelligence interest.
Tools for Great Power Competitors
Smart ports will have profound effects on great power competition that will require Naval and Coast Guard Intelligence to reevaluate force protection and counterintelligence initiatives.
For starters, smart ports facilitate the shipment aspect of global supply-chain competition. If a country controls more of these ports and improves its access to others—while smart technology gives it more information about what is moving through these ports—that country has a competitive advantage. Beijing’s strategy is to export smart-port capabilities to all countries, with a focus on lower-income nations. China can then take advantage of its access to those capabilities to strengthen its competitive advantage in the global supply chain. The Chinese also dominate the market by undercutting competition on cost, making their technological exports highly desirable to all countries and ports in the cost-conscious, low-margin shipping industry. These investments also would provide tactical and operational advantages to Chinese land and maritime forces if war were to occur.
To focus on smart ports’ role in competition with a peer rival, Naval and Coast Guard Intelligence must push beyond analysis that primarily focuses on military capabilities. Great power competition requires updated training, education, and billet structures that best develop the community’s understanding of the nonmilitary aspects of its operating environments. Intelligence professionals must pursue further education on specific smart-port capabilities and technologies, and leaders must examine how offices are organizationally structured to provide commanders with the best decision advantage. Intelligence professionals also must study cyberattacks such as NotPetya that affected seaports and develop an understanding of the unintentional and cascading effects cyberattacks have on great power competition.
Additional Vulnerabilities and Intelligence Challenges
Smart-port technology certainly can yield operational improvements. Private networks and 5G connectivity enable dual-use technologies that improve speed, performance, and security and operate remote-controlled services, cranes, and fuel depots. At the same time, this technology creates a ready avenue for the purposes of malicious cyber actors. For example, an adversary might use a compromised network to take control of a remote-controlled crane and swing the crane straight into a U.S. warship to damage the vessel and halt its operations. An adversary could even freeze port operations remotely, necessitating manual labor and significantly slowing cargo loading to reduce tactical advantage—or rendering a port inoperable for strategic/logistical use.
Advanced technology such as the Internet of Things further eases targeting U.S. warships while in port. The bidirectional nature of the Internet of Things, without appropriate cybersecurity hygiene in place, means that malware entering at one endpoint can quickly spread to an entire network. An adversary could access the smart port’s operations interface, work its way to the ship’s telecommunications line, and access the ship’s servers, obtaining persistence that gives it the ability to return again and again. Distributed denial of service (DDoS) attacks are another common method that can shut down smart ports and greatly affect U.S. military maritime operations. A successful DDoS attack against a port’s Industrial Control System could prevent stores, ammunition, and critical parts from being loaded, requiring a ship to remain in port for an extended amount of time. If the smart port is already inoperable, the ship may have to leave the operating area to resupply at another port.
Overall, the “cyber border” of a smart port has significantly increased, expanding the attack surface for a future cyberattack and making each port more susceptible to a greater variety of threats.
These additional vulnerabilities and the smart-port threat created by Chinese activities are critical new intelligence challenges for intelligence communities. The community must focus collection efforts on understanding details such as which ports employ zero-trust strategies, which have operationalized digital-twin technology, or which use AI—and to what degree that AI is trusted and responsible.5 Understanding the cybersecurity of smart ports used for U.S. port visits is critical to protecting assets abroad.
Next, the intelligence communities need to closely align with federal agencies as well as research and development centers working on alternative technologies that can limit the effectiveness of smart ports —or entirely shut them down. Without knowing which technologies exist and what potential capabilities adversaries have, intelligence-led red-team analyses and exercises will not properly test operational plans.
In addition, Naval and Coast Guard Intelligence must recognize that much of the value smart ports offer derives from data, but the exposure or release of that data is also one of their greatest risks. They must evaluate and protect against risks to data sovereignty and privacy to ensure U.S. military equipment, resources, and personnel that move on and under the sea are protected. Security and privacy surrounding the collection and use of personal data for potential surveillance must be prioritized.
How Maritime Transportation Can Flourish
Smart ports—in particular, those that use Chinese technology—are reshaping the global maritime order. These facilities will affect U.S. military maritime operations, including in-theater dwell time of warships, by influencing where and how often U.S. warships conduct port calls and where the U.S. military moves equipment. These impacts require a simultaneous reinvestment and shift in strategic goals and priorities for Naval and Coast Guard Intelligence. Current strategic intelligence documents do not appropriately emphasize the emerging interconnectedness of technology and the global Maritime Transportation System, and the way this convergence affects U.S. military maritime operations. Community professionals need to look beyond traditional military analysis, understand that military operations and the Maritime Transportation System are inextricably linked, and focus on emerging technologies that impact smart ports while dedicating resources to excel in open-source, all-source, and predictive analysis. Leaders must prioritize research and analysis efforts on military-tangent commercial targets.
Naval and Coast Guard Intelligence must continuously and rigorously evaluate port ownership, cybersecurity, technology, and risk of digital compromise. Failure to address these topics will have far-reaching ramifications for the entire maritime domain. As more ports worldwide become smart ports, Naval and Coast Guard Intelligence must jointly research and evaluate the physical and cybersecurity considerations related to technologies that enable smart ports to protect the joint force, ensure U.S. maritime supremacy, and allow the Maritime Transportation System to flourish for the benefit of the nation.
1. Sheraz Aslam, et al., “IoT for the Maritime Industry: Challenges and Emerging Applications,” Proceedings of the 18th Conference on Computer Science and Intelligence Systems, 2023.
2. Basma Belmoukari, et al., “Smart Port: A Systematic Literature Review,” European Transport Research Review Vol. 15, 2023.
3. Big Data: extremely large and diverse collections of structured, unstructured, and semi-structured data that continue to grow exponentially over time. These datasets are so huge and complex in volume, velocity, and variety, that traditional data management systems cannot store, process, and analyze them. Edge Computing: an emerging computing paradigm focused on processing data closer to where it is being generated, enabling processing at greater speeds and volumes, leading to greater action-led results in real time.
4. Fundación Valenciaport, “Smart Ports Manual: Strategy and Roadmap,” Inter-American Development Bank, 2020.
5. Zero Trust: a collection of concepts and ideas designed to minimize uncertainty in enforcing accurate, least-privilege per-request access decisions in information systems and services in the face of a network viewed as compromised. Digital Twin Technology: a virtual representation of an object or system designed to reflect a physical object accurately.