[Federal Register Volume 89, Number 37 (Friday, February 23, 2024)]
[Notices]
[Pages 13726-13727]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2024-03822]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Coast Guard

[Docket No. USCG-2024-0049]


Issuance of Maritime Security (MARSEC) Directive 105-4; Cyber 
Risk Management Actions for Ship-to-Shore Cranes Manufactured by 
People's Republic of China Companies

AGENCY: Coast Guard, DHS.

ACTION: Notice of availability.

-----------------------------------------------------------------------

SUMMARY: The Coast Guard announces the availability of Maritime 
Security (MARSEC) Directive 105-4, which provides cyber risk management 
actions for owners or operators of ship-to-shore (STS) cranes 
manufactured by People's Republic of China (PRC) companies (PRC-
manufactured STS cranes). The directive contains security-sensitive 
information and, therefore, cannot be made available to the general 
public. Owners or operators of PRC-manufactured STS cranes should 
immediately contact their local Coast Guard Captain of the Port (COTP) 
or District Commander for a copy of MARSEC Directive 105-4.

DATES: MARSEC Directive 105-4 is available on February 21, 2024.

FOR FURTHER INFORMATION CONTACT: For information about this document 
call or email Brandon Link, Commander, U.S.

[[Page 13727]]

Coast Guard, Office of Port and Facility Compliance; telephone 202-372-
1107, email [email protected].

SUPPLEMENTARY INFORMATION: 

Background and Purpose

    MARSEC Directive 105-4 provides cyber risk management actions for 
owners or operators of PRC-manufactured STS cranes. Owners or operators 
of PRC-manufactured STS cranes should immediately contact their local 
COTP or cognizant District Commander for a copy of MARSEC Directive 
105-4.
    The Maritime Transportation Security Act's implementing regulations 
in 33 CFR parts 101-105 are designed to protect the maritime elements 
of the national transportation system. Under 33 CFR 101.405, the Coast 
Guard may set forth additional security measures to respond to a threat 
assessment or to a specific threat against those maritime elements. In 
addition, per 33 CFR 6.14-1, the Commandant ``may prescribe such 
conditions and restrictions relating to the safety of waterfront 
facilities and vessels in port as the Commandant finds to be necessary 
under existing circumstances.''
    PRC-manufactured STS cranes make up the largest share of the global 
ship-to-shore crane market and account for nearly 80% of the STS cranes 
at U.S. ports. By design, these cranes may be controlled, serviced, and 
programmed from remote locations, and those features potentially leave 
PRC-manufactured STS cranes vulnerable to exploitation, threatening the 
maritime elements of the national transportation system.
    As such, additional measures are necessary to prevent a 
Transportation Security Incident in the national transportation system 
due to the prevalence of PRC-manufactured STS cranes in the U.S., 
threat intelligence related to the PRC's interest in disrupting U.S. 
critical infrastructure, and the built-in vulnerabilities for remote 
access and control of these STS cranes.

Procedural

    COTPs and District Commanders can access all MARSEC directives on 
Homeport by logging in and going to Missions > Maritime Security > 
Domestic Ports and Waterway Security > Policy. Owners and operators of 
PRC-manufactured cranes must contact their local COTP or cognizant 
District Commander to acquire a copy of MARSEC Directive 105-4. COTPs 
or cognizant District Commanders may provide this MARSEC Directive to 
appropriate owners and operators in accordance with SSI handling 
procedures.
    Pursuant to 33 CFR 101.405, we consulted with the Department of 
State, Department of Defense, Department of Transportation/Maritime 
Administration, Department of Homeland Security, Transportation 
Security Administration, Cybersecurity and Infrastructure Security 
Agency, and National Maritime Intelligence-Integration Office.
    All MARSEC Directives issued pursuant to 33 CFR 101.405 are marked 
as SSI in accordance with 49 CFR part 1520. COTPs and District 
Commanders will require individuals requesting a MARSEC Directive to 
prove that they meet the standards for a ``covered person'' under 49 
CFR 1520.7, have a ``need to know'' the information, as defined in 49 
CFR 1520.11, and that they will safeguard the SSI in MARSEC Directive 
105-4 as required in 49 CFR 1520.9.
    This notice is issued under authority of 33 CFR 6.14-1 and 
101.405(a)(2) and 5 U.S.C. 552(a).

    Dated: February 21, 2024.
Amy M. Beach,
Captain, U.S. Coast Guard, Director of Inspections and Compliance.
[FR Doc. 2024-03822 Filed 2-21-24; 11:15 am]
BILLING CODE 9110-04-P