Why ALL your vessels should be considered cyber targets

Cyber attacks are considered a more significant threat to the maritime industry than piracy and grounding combined. But why?

The world is constantly connecting. Organizations and entities previously untouched by geopolitical tension, profit-driven cyber attacks, and hacktivism are now essential stakeholders. Unfortunately, that also makes them targets.

NORMA Cyber’s annual threat assessment for 2024 points to three main categories of digital threats: cybercrime, state actors, and hacktivism. In this article, we outline how these scenarios will affect the private sector of our maritime industry. But first … 


Why are they targeting you?

The threat of cybercrime is apparent. The same motives apply to modern cyber attackers as the pirates of old: profit. 2023 was a record year for ransomware attacks against the maritime sector, with methods becoming ever more advanced and sophisticated. Generative AI makes distinguishing between friend and foe more complex by the day, exponentially magnifying attacks.
However, profit-driven cybercrime isn’t your only concern when protecting assets and operations online. The private sector in maritime industries often finds itself entangled in geopolitical tensions due to its strategic importance in global trade and transportation networks. Unfortunately, energy resources and food supply have become weapons of war.

Cargo is no longer their only objective. As key players in these sectors, maritime companies possess valuable digital assets and information that state and non-state actors can exploit for political ends. Additionally, their operations can impact geopolitical dynamics, making them potential targets for adversaries seeking to exert influence or disrupt rival interests. 

For the rest of 2024 and beyond, the private sector in maritime industries is more likely to be involved in attacks with political motives, given their central role in shaping and navigating geopolitical waters. You are a target whether you like it or not. And even if they don’t target you directly, your operations will likely suffer as collateral damage.

As a supplier, your assets may seem low-value, but they can be the missing piece of the puzzle in the wrong hands. Know the value of your assets—and why. 


A matter of national security

In 2023, the Black Sea, the eastern Mediterranean, the Red Sea, the Arabian/Persian Gulf, and the South China Sea experienced high GNSS interference activity, such as signal jamming and spoofing. So far in 2024, the trend continues, and the seas are becoming more dangerous.

Several hacktivist groups, both independent and state-backed, have targeted the maritime sector recently with coordinated distributed denial-of-service (DDoS) attacks. Though not evident, you can be a suitable target simply because of affiliation.

The surge in international trade and collaboration makes everyone intriguing for someone, whether it’s because of technology, intelligence, or other assets. We’ve covered the operational and financial consequences of a successful attack. Keeping vigilant and secure is good business. But what about politics? Regulations? Or even ethics?

Foreign, hostile intelligence or technology acquisitions can take many forms, such as the attempted Russian purchase of the Norwegian company Bergen Engines, which the Norwegian government eventually blocked. Your vigilance can be a matter of national security. And that’s a huge responsibility.


Technology is your best defense

As the maritime sector digitalizes, many move their assets to the cloud. Your defense mechanisms should follow suit and defend where there’s something to protect. A small investment in cyber security can be worth millions alone, probably tenfold if you include loss of revenue and reputation.

Connecting operations online creates bridges for attackers to follow. Every open door has an open backdoor unless you lock it from the inside. Classification and segmentation are reasonable measures, but security through obscurity (STO) alone won’t protect you. As attackers become more sophisticated using modern technology, they’ll find and exploit your weaknesses. It’s merely a matter of time.

Your best and only option is to stay one step ahead. Using modern infrastructure, patching vulnerable software, and raising crew awareness are measures to safeguard against looming threats. And remember: While your defense has to work every time, an attack only needs to succeed once.


Explore Our Latest News