Escalating Cyber Threats in the Maritime Sector Amid Geopolitical Tensions

Severity: High (Score: 75.5)

Sources: New.Abb, Pwc.Nl

Summary

The maritime sector is facing a significant increase in cyber threats, with reported incidents rising by approximately 150% from 2022 to 2025. Key targets include shipping routes and port operations, with state-sponsored actors, particularly from Russia and Iran, conducting sophisticated cyber-attacks. A 2025 report indicated that one in five shipping companies experienced a cyberattack within the year, while ransomware attacks on ships surged by 150%. GPS spoofing incidents affected around 40,000 vessels daily, highlighting vulnerabilities in navigation systems. The integration of IT and operational technology (OT) has created security gaps, exposing critical systems to threats. The maritime industry is urged to enhance cyber resilience as digitalization accelerates. Current geopolitical tensions further complicate the threat landscape, making maritime infrastructure a prime target for hybrid warfare. Key Points: • Cyber incidents in the maritime sector rose by 150% from 2022 to 2025. • State-sponsored attacks from Russia and Iran are increasingly targeting maritime infrastructure. • One in five shipping companies faced a cyberattack in 2025, with significant vulnerabilities in GPS systems.

Key Entities

• GRU (apt_group)
• DDoS (attack_type)
• Ransomware (attack_type)
• Iran (country)
• Russia (country)
• Ukraine (country)
• Transportation (industry)
• T1021 - Remote Services (mitre_attack)
• T1195 - Supply Chain Compromise (mitre_attack)
• T1486 - Data Encrypted for Impact (mitre_attack)