Federal Register, Volume 89 Issue 223 (Tuesday, November 19, 2024)

[Federal Register Volume 89, Number 223 (Tuesday, November 19, 2024)]
[Notices]
[Pages 91413-91414]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2024-26896]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Coast Guard

[Docket No. USCG-2024-0439]


Issuance of Maritime Security (MARSEC) Directive 105-5; Cyber 
Risk Management Actions for Ship-to-Shore Cranes Manufactured by 
People's Republic of China Companies

AGENCY: Coast Guard, DHS.

ACTION: Notice of availability.

-----------------------------------------------------------------------

SUMMARY: The Coast Guard announces the availability of Maritime 
Security (MARSEC) Directive 105-5, which outlines cyber risk management 
requirements for ship-to-shore cranes manufactured by People's Republic 
of China (PRC) companies. These requirements are in addition to those 
previously promulgated via MARSEC Directive 105-4. The Directive 
contains security-sensitive information and, therefore, cannot be made 
available to the general public. Owners or operators of ship-to-shore 
(STS) cranes manufactured by PRC companies should immediately contact 
their local Coast Guard Captain of the Port (COTP) or District 
Commander for a copy of MARSEC Directive 105-5.

DATES: MARSEC Directive 105-5 has been available since November 13, 
2024.

FOR FURTHER INFORMATION CONTACT: For information about this document 
call or email Brandon Link, Commander, U.S. Coast Guard, Office of Port 
and Facility Compliance; telephone 202-372-1107, email 
[email protected].

[[Page 91414]]


SUPPLEMENTARY INFORMATION:

Background and Purpose

    MARSEC Directive 105-5 outlines requirements in addition to those 
previously promulgated via MARSEC Directive 105-4 on cyber risk 
management actions for owners or operators of STS cranes manufactured 
by PRC companies. MARSEC Directive 105-4 was issued on February 21, 
2024 and was announced in a notice of availability published on 
February 23, 2024. 89 FR 13726 (February 23, 2024). Owners or operators 
of STS cranes manufactured by PRC companies should immediately contact 
their local COTP or cognizant District Commander for a copy of MARSEC 
Directive 105-5.
    The Maritime Transportation Security Act's implementing regulations 
in 33 CFR parts 101-105 are designed to protect the maritime elements 
of the national transportation system. Under 33 CFR 101.405, the Coast 
Guard may set forth additional security measures to respond to a threat 
assessment or to a specific threat against those maritime elements. In 
addition, per 33 CFR 6.14-1, the Commandant ``may prescribe such 
conditions and restrictions relating to the safety of waterfront 
facilities and vessels in port as the Commandant finds to be necessary 
under existing circumstances.''
    STS cranes manufactured by PRC companies make up the largest share 
of the global ship-to-shore crane market and account for nearly 80% of 
the STS cranes at U.S. ports. By design, these cranes may be 
controlled, serviced, and programmed from remote locations, and those 
features potentially leave STS cranes manufactured by PRC companies 
vulnerable to exploitation, threatening the maritime elements of the 
national transportation system.
    As such, additional measures are necessary to prevent a 
Transportation Security Incident in the national transportation system 
due to the prevalence of STS cranes manufactured by PRC companies in 
the U.S., threat intelligence related to the PRC's interest in 
disrupting U.S. critical infrastructure, and the built-in 
vulnerabilities for remote access and control of these STS cranes.

Procedural

    Owners and operators of STS cranes manufactured by PRC companies 
must contact their local COTP or cognizant District Commander to 
acquire a copy of MARSEC Directive 105-5. COTPs or cognizant District 
Commanders may provide this MARSEC Directive to appropriate owners and 
operators via email, mail or fax in accordance with Sensitive Security 
Information (SSI) handling procedures.
    Pursuant to 33 CFR 101.405, we consulted with the Department of 
State, Department of Defense, Department of Transportation/Maritime 
Administration, Department of Homeland Security, Transportation 
Security Administration, Cybersecurity and Infrastructure Security 
Agency, and National Maritime Intelligence-Integration Office.
    All MARSEC Directives issued pursuant to 33 CFR 101.405 are marked 
as SSI in accordance with 49 CFR part 1520. COTPs and District 
Commanders will require individuals requesting a MARSEC Directive to 
prove that they meet the standards for a ``covered person'' under 49 
CFR 1520.7, have a ``need to know'' the information, as defined in 49 
CFR 1520.11, and that they will safeguard the SSI in MARSEC Directive 
105-5 as required in 49 CFR 1520.9.
    This notice is issued under authority of 33 CFR 6.14-1 and 
101.405(a)(2) and 5 U.S.C. 552(a).

    Dated: November 13, 2024.
A. Meyers,
Captain, U.S. Coast Guard, Chief, Office of Port and Facility 
Compliance.
[FR Doc. 2024-26896 Filed 11-15-24; 8:45 am]
BILLING CODE 9110-04-P