WASHINGTON – From June 10-13, the U.S. Department of Homeland Security (DHS) partnered with the Government of Indonesia under U.S. Department of State International Narcotics and Law Enforcement and U.S. Department of Defense Threat Reduction Agency programs to enhance the security and resilience of the international maritime transportation system. This reflects a joint commitment by both nations to strengthen cybersecurity collaboration and protect maritime critical infrastructure from malicious cyber intrusions and cyber-attacks under our upgraded Comprehensive Strategic Partnership. In partnership with U.S. Embassy Jakarta, the Government of Indonesia, and various Indonesian maritime port authorities, DHS conducted a successful tabletop exercise and workshop focused on enhancing maritime cybersecurity and incident response capabilities in Indonesia and the Indo-Pacific region.
The collaboration built upon Secretary Mayorkas’s priority to enhance close cooperation with partners in the Indo-Pacific region with focused discussions on protocols for incident response, information sharing, and the identification of future bilateral cooperation to mitigate current and emerging cyber threats to critical maritime infrastructure. Held in Surabaya, this was the first comprehensive port-focused cybersecurity tabletop exercise held with Indonesian counterparts. The exercise allowed DHS and Indonesia cybersecurity officials to enhance response capabilities through a series of simulations, including a major cyber incident impacting port operations with cascading impacts from exploited vulnerabilities in ship-to-shore cranes and ransomware attacks that disabled critical systems and exfiltrated proprietary and personal information. Throughout the exercise, Indonesian public and private sector participants discussed mitigation techniques and worked to operationalize lessons learned, enhancing maritime cyber resilience.
"The maritime transportation system is a vital lifeline for global trade and commerce," said Under Secretary for Policy Rob Silvers. "This exercise allowed us to stress test cyber incident response plans with Indonesian counterparts, as well as identify areas where we can collaborate more closely to secure the maritime domain from cyber threats."
“By sharing information, technology, and know-how, the United States and Indonesia will be able to successfully address marine and cyber challenges,” Consul General Jonathan Alan stated. “Exercises like this help not only strengthen our technical capabilities but forge invaluable future partnerships and, the United States looks forward to building on these important exchanges.”
Following the tabletop exercise, the U.S. Coast Guard facilitated a maritime cybersecurity workshop for public and private sector Indonesian maritime counterparts to share U.S. Coast Guard policies and best practices related to maritime cyber incident prevention and response. In particular, the U.S. Coast Guard outlined its efforts related to President Biden’s February 2024 Executive Order on Amending Regulations Relating to the Safeguarding of Vessels, Harbors, Ports, and Waterfront Facilities of the United States.
"Cyber threats in the maritime environment continue to grow more sophisticated and pernicious," said Jon Kennedi, Director of the Indonesian Directorate of Sea and Coast Guard. "Confronting these threats requires a comprehensive approach that integrates operational coordination, capacity building, and the sharing of risk information across governments and industry stakeholders."
“The Cybersecurity and Infrastructure Security Agency (CISA) was honored to collaborate with our U.S. Federal Government partners and the Government of Indonesia during this week’s maritime cyber incident response tabletop exercise and workshop,” said CISA’s Deputy Executive Assistant Director for Infrastructure Security Steven Harris. “This joint exercise underscores the importance of international planning and collaboration to strengthen our cyber defenses and ensure the resilience of our maritime infrastructure. Together we are better prepared and equipped to tackle cyber threats and ensure the safety and security of global maritime activities.”
The three days were coordinated by the Department’s Office of Policy and U.S. Embassy Jakarta, and led by the Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Coast Guard (USCG). Subject matter inputs came from other DHS entities including the U.S. Customs and Border Protection, the Office of Intelligence & Analysis, and the Supply Chain Resilience Center. Indonesian subject matter experts attended from Indonesia’s Ministry of Sea and Transportation (KPLP), Harbormaster and Port Authority Office (KSOP), Customs, National Cyber and Crypto Agency (BSSN), Ministry of Defense, Indonesian National Police, Indonesia National Intelligence Agency, Surabaya Container Terminal, Tanjung Priok Port, Taluk Lamong Terminal, Pertamina Patra Niaga Terminal, Meratus Shipping, Pertamina International Shipping, AKR, Tanto Intim Line, and Recognized Security Organization (RSO).