There are few idioms about ports, those seaside locations across the globe providing harbors to load or unload ocean cargo. “A port in the storm” comes to mind, which I’ve twisted in the title above for my own purposes soon to come. Maybe your family home serves as your port in the storms of life’s challenges, enemy fire, or other disheartening events. It provides refuge, comfort, and safety amongst family.
There are inland ports facilitating commerce into areas of America that can be reached via waterways. In Kentucky, ports along the Ohio River strategically provide commercial efficiencies, such as through the Jefferson Riverport in Louisville and the Paducah-McCracken Riverport westward.
Other interpretations of “port” exist that do not connote safe harbor, such as Portugal’s fortified wine, with the word signaling the drink’s place of origin. In information technology the word is also part of the lingo, and every time that you find yourself on the internet you happen to be utilizing that type of port. Its meaning there should relate to the seafarer’s relief in finding a port, a safe point of entry, though in a manner quite different than port wine it doesn’t really play out so securely all the time. I suppose in the mariner sense even their ports, intent on providing security to ocean vessels, don’t always result in a safe port amidst a storm.
Take the Port Chicago disaster of 1944 as one example. At Suison Bay, in Contra Costa County in California, a cargo ship headed to the Pacific Theater was being loaded with munitions when a rogue detonation occurred. The explosion killed over 300 sailors and civilians with another 400 injured in the shocking event. Incidentally, the tragedy inordinately affected Black American families since military practices then hadn’t evolved much since the Civil War. African American enlistees who tested lowest were relegated to labor work, and Port Chicago was so manned. Three-fourths of those harmed in the disaster were African American.
The Port Chicago disaster is just one reason that the phrase “safe harbor” exists. If every port was always safe, the adjective would be redundant. The seas, that is the majority of our planet, prove risky no matter how near land one gets while sailing them. Such is life I suppose and even port wine might seem pleasurable and risky at the same time.
Let me take you back to internet ports. In computer speak, a port has some basic similarities to the more traditional ports of call. An internet or network port is an endpoint for something traveling and seeking a landing spot. The information you send and receive online goes through ports. The computer port is assigned an identifier, a mere number rather than descriptive place-names that conventional ports bear. Those trained in technology and computer protocols know cold that port numbers 20 and 21 in a network relate to the endpoints for files that transfer from one user to another. When you look at your address bar within any given web browser, such as Google’s Chrome or Apple’s Safari, and see the “http://” that also signals a port for the Hypertext Transfer Protocol information. Port 80 is for world wide web information. Because I promote information security and privacy, I’ll highlight port 443, which is the landing spot for secured HTTP information, which you can view as “https://...” in your address bar.
All of these IT ports were engineered to provide a safe and secure place where data can be received. However, networking ports like their maritime counterparts are, at their essence, entry-points no different from your front door. You can make sure to close and lock it, to secure your family and belongings within, yet there’s always the risk of someone breaching it, or of you or your family—there’s always one, eh?—failing to lock the door perfectly on the way out. Let’s go back and visit port 443, the seemingly secured port for internet traffic.
There’s this tech company you may have heard of: Microsoft. Microsoft not only is a 45-year-old symbol representing the computer industry. Its largesse also has grown to serve as the technology engine behind millions of business and government operations. Time and again, despite valiant challenges, courts in the U.S. have found Microsoft to not be considered a monopoly, but if there ever was a modern-day enterprise closer to one…. No offense to Apple, which may in and of itself rationalize the courts’ findings of Microsoft’s healthy competition, though I digress. In a fancy presentation online, Microsoft claims over one billion tech devices run its software and operating systems. That’s serious scale, and big competitors always attract many adversaries.
It is a big target, as we learned late last week when Microsoft Exchange Server’s port 443 was compromised in 30,000 reported servers across America. Many who’ve even heard of Microsoft’s Exchange Server understand that it’s used in IT operations to handle email. Your office, for example, runs MS Exchange to manage all of the communications. Everyone communicates through port 443, the secure one for internet traffic as explained above. If a hacker can breach that security they can then access information traveling to and from the port. Last week’s exploit involved tricking the 30,000 Exchange servers to send access requests to themselves. Think back to the door lock. It’s like asking yourself, “Am I allowed in here?” Self-authentication provides the answer “Of course, so let me get the door for me.” Only someone else pretended to be you.
Security experts already identified the Chinese hacking group Hafnium as the attackers, but that’s in the details to me. The truism that ports—65,000 throughout the internet—are both necessary and risky is what to grasp. When we appreciate all those doors and their oft-faulty locks, perhaps we can acknowledge both security and the storm that ports provide.
Ed is a professor of cybersecurity, an attorney, and a trained ethicist. Reach him at edzugeresq@gmail.com.
