France moves to strengthen its maritime cybersecurity capabilities

Cyberattacks targeting the maritime sector are becoming increasingly frequent. Ships, ports, and logistics infrastructures are now part of the global digital threat landscape. In response, France has begun structuring an initiative aimed at strengthening cybersecurity across the maritime domain, with several major ports and industrial stakeholders preparing to play a role.

Cyber incidents highlight maritime vulnerabilities

A widely cited example occurred in June 2017, when the shipping company Maersk suffered a major disruption following the spread of the Petya ransomware. The attack disabled thousands of servers and tens of thousands of workstations within the company’s infrastructure. The consequences extended beyond the company itself: operations at several major commercial ports were disrupted, and some facilities had to suspend activities temporarily.

Maersk reported losses of roughly 300 million dollars, while much of its operational activity had to be managed manually for several days. The incident illustrated the systemic nature of cyber risk in global logistics networks.

Since then, additional cyber incidents have affected the maritime sector. In 2018, cyberattacks targeted the ports of Barcelona and San Diego. Other reports indicated ransomware activity affecting the Port of Long Beach and the shipping group COSCO. Security researchers have also demonstrated the potential operational consequences of cyber intrusions aboard ships. In one experiment, engineers were able to compromise a container ship’s onboard systems after gaining access through a phishing email, eventually interfering with navigation equipment and engine management systems.

These events have reinforced awareness that maritime infrastructure is increasingly exposed to cyber threats.

France seeks to structure a national response

France, which possesses one of the largest maritime domains in the world, began addressing the issue formally in 2018. A report issued by the Secrétariat général de la mer emphasized the importance of strengthening cybersecurity within the maritime sector, both to protect critical systems and to support the development of national expertise in this field.

The report proposed several measures, including the creation of a dedicated coordination structure and the establishment of mechanisms to improve cooperation between public authorities, industry, and research institutions.

A project taking shape

Discussions among stakeholders have continued since then. At the International Cybersecurity Forum held in Lille in early 2020, representatives from the maritime and cybersecurity communities explored concrete ways to organize these efforts.

One initiative currently under discussion would involve creating a maritime cybersecurity coordination center in Brest, with complementary activities in other major port cities such as Le Havre and Marseille. The project is supported by several industrial actors and regional authorities and is said to benefit from broad agreement among the organizations involved.

Brest as a central location

Brest is often mentioned as the primary location for such an initiative due to the concentration of maritime institutions already present there. These include the French Naval Hydrographic and Oceanographic Service (SHOM), the French Research Institute for Exploitation of the Sea (IFREMER), and a major naval base. The region also hosts companies and research laboratories involved in maritime technologies and cybersecurity.

This existing ecosystem could facilitate collaboration between operational actors, industry, and academic research.

Operational objectives

Among the measures being considered are the creation of a maritime CERT (Computer Emergency Response Team), the establishment of a Security Operations Center dedicated to maritime systems, and the development of training and exercise programs designed to improve incident response capabilities.

The overall initiative would operate in coordination with the French national cybersecurity authority (ANSSI) and aim to strengthen both the protection of maritime infrastructure and the development of expertise in maritime cybersecurity at the national and European levels.