X-Industry

Maritime Cyber Threats 2025

Posted by Bill Schenkelberg on July 10, 2025 at 2:06pm

13658411471?profile=RESIZE_400xShipping companies are in the firing line of cyber threats and need to be proactive in preventing attacks by increasing investment in security and training.  Many security solutions are inexpensive but need top executives to be involved in practicing security issues, identifying vulnerabilities and updating software on onboard operating systems.[1]

An expert panel recently discussed how technical developments in digitalization and communications have made ships more vulnerable to cyber-attacks during Riviera’s Securing the digital waterway: a proactive approach to maritime supply chain cyber risks webinar.  This webinar tackled the vulnerabilities within the interconnected maritime supply chain, providing a detailed approach to preventing attacks and promoting collaboration between ports and shipping companies.  On the panel were Liberian Registry senior vice president for fleet communications and technology, Kyle Hurst, and Novamaxis director and founder, Peter Schellenberger.  They considered the need for proactive measures to detect and manage anomalies, protect IT and operational technology (OT) systems, and ensure an effective response and recovery from security breaches.

Mr. Hurst said the rapid deployment of maritime communications via low Earth orbit (LEO) satellites has exposed ships to more cyber threats without advancing cyber security.  “With LEO, there has been a burst of bandwidth, with up to 100 Mbps connections,” he said.  “With no improvements in cyber-security technology and training, cyber resilience is not keeping pace of communications.”

LEO constellations enable shipowners, operators and managers to store data on cloud infrastructure and use analytics applications.  But these connections could be compromised if LEO satellite communications are not encrypted or secured.  “Crew are setting up LEO communications themselves on ships and there have been incidents of crew plugging in these open powerful satellite communications into corporate networks, thereby overcoming IT protections put in place,” said Mr. Hurst.  In these cases, seafarers could accidentally download infected online content straight into ship IT systems.

Another method of accidently transferring cyber threats into ship IT and OT systems is from plugging USB memory sticks with viruses straight into bridge workstations.  “Some USBs from contractors have malware on, so they are risks to OT on ships and can have a catastrophic impact,” says Mr. Hurst.  “Owners need to protect OT and delicate technology, work out strategies to identify cyber risks and monitor OT better.”

Often, a cyber breach is from a seafarer overcoming security protocols, being careless with email links or becoming a victim of phishing scams.  “It is all about raising awareness, doing risk-based assessments and better reporting of incidents”

Mr. Hurst said there was an incident where “crew set up bitcoin mining from ship computers” while there are many instances of seafarers being careless with ship IT resulting in cyber issues.  He urged shipowners to become more aware of the potential for cyber security issues, to identify vulnerabilities and react through training and closing USB ports on OT.  “It is all about raising awareness, doing risk-based assessments and reporting incidents,” said Mr Hurst.  “It is valuable to spread information around, so others can know what is coming over the pipe to them and they are better armed to take on the cyber risks.”

Mr. Schellenberger says ship operators, owners and managers need to increase their investment in training crew and onshore managers need to identify cyber risks and react correctly to prevent security breaches.  “Around 80% of cyber incidents are crew induced,” he said. “Seafarers still use USBs and cyber risks are increasing. Many incidents involve people looking for ways around IT system safeguards.”

Basic ways shipowners can improve their cyber health and reduce risk on ships include separating OT and crew communications; updating software on ship computers; locking USB ports; and offering training to raise awareness of online dangers.  “These are low-hanging fruits,” said Mr. Schellenberger.  “But if training programs are there, many are still tick-box exercises with seafarers having to do those,” he said.  “They are hellishly boring and do not reflect the risks crew encounter.”

Other risks are from keeping the same passwords for months and years, not updating IT networks or having specialist IT personnel in management offices or on ships.  “If systems are 15 years old, how much have they been updated?”  Mr. Schellenberger asked.  “Owners are reluctant to include cyber security as part of their operating budget or pay for risk mitigation; this is disturbing,” he continued.  “Global fleets are made up of small and medium-sized owners without dedicated IT structures.  They cannot afford cyber security or IT specialists, which means they could be in trouble.”

Awareness and solutions - At least 60% of the world’s shipowners are doing the minimum in cyber security.  But the whole industry needs to be aware of online dangers and improve cyber resilience.  Mr. Schellenberger said all owners should use IT specialists to regularly clean their networks, improve crew awareness training, perform drills simulating cyber breeches and infections, and involve executives when planning how to react to a cyber incident.  There is also a greater need for proactive threat monitoring using real-time monitoring tools for both IT and OT systems to improve threat detection and response.

Webinar poll results - Attendees were asked to vote on a series of poll questions during the webinar.  Here is a summary of the results:

  • When it comes to cyber security in the maritime supply chain, which best describes your organization’s current stance?

 

  • Proactive: 50%
  • Reactive: 25%
  • Compliant: 25%
  • Passive: 0%

 

  • In your view, are current training programs (both on shore and on vessels) sufficiently immersive and relevant, or do they primarily serve as tick-box exercises?

 

  • Training is immersive and relevant: 50%
  • Training is mostly a tick-box exercise: 12%
  • Training is a mix of both: 38%

 

  • Which area do you consider the greatest cyber risk to your maritime operations?

 

  • IT systems (such as business networks and email): 29%
  • OT systems (such as cargo handling and navigation): 14%
  • Third-party vendors and suppliers: 0%
  • Human error or lack of awareness: 57%

 

  • Does your company have sufficient internal IT expertise (both in the office and on board) to address today’s challenges and the increasing risk profile?

 

  • Yes, we have sufficient expertise in both areas: 25%
  • Sufficient expertise in the office, but not on board: 50%
  • Sufficient expertise on board, but not in the office: 0%
  • No, we do not have sufficient expertise in either area: 25%

 

  • What is the main barrier to improving cyber security in your organisation?

 

  • Lack of budget: 15%
  • Lack of expertise: 14%
  • Complexity of regulations: 14%
  • Resistance to change: 57%

 

  • Which of the following would most improve your confidence in your company’s cyber resilience?

 

  • More frequent and realistic cyber incident simulations: 63%
  • Stronger regulatory guidance and clarity: 13%
  • Greater transparency from technology vendors and service providers: 24%
  • Enhanced training and awareness for all personnel: 0%

 

This article is shared with permission at no charge for educational and informational purposes only.

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization.  We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC).  For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com    

Weekly Cyber Intelligence Briefings:

Weekly Cyber Intelligence Briefings:

REDSHORTS - Weekly Cyber Intelligence Briefings

https://register.gotowebinar.com/register/5207428251321676122

[1] https://www.rivieramm.com/news-content-hub/news-content-hub/secure-ships-seafarers-against-growing-cyber-threats-85367

Views: 8
Tags: tr-25-191-001, maritime threats, cyber security, leo, training, satellite communications, it, ot
E-mail me when people leave their comments –
Follow

You need to be a member of Red Sky Alliance to add comments!