Maritime and port cybersecurity.

The European Union Agency for Cybersecurity (ENISA) is preparing a new edition of its pan-European Cyber Europe cybersecurity exercise, scheduled for June 2026.

This 8th edition of the exercise series will focus on critical transport infrastructure, particularly the maritime and rail sectors, both considered highly critical under the NIS2 Directive.

Official exercise page:
https://www.enisa.europa.eu/topics/skills-and-competences-for-companies/cyber-europe

Organised every two years since 2010, the Cyber Europe series simulates complex cyber crises involving multiple EU Member States and organisations.

On 4 March 2026, the European Commission also released a second communication specifically focused on European ports: the EU Ports Strategy.

This document complements the Industrial Maritime Strategy published the same day and focuses on the strategic role of ports in logistics chains, trade and European economic security.

The full document is available here:
https://transport.ec.europa.eu/document/download/8a1a9516-8efd-44ca-b308-4b3cafc59f38_en?filename=communication_on_EU_ports_strategy.pdf

The Commission highlights that European ports have become critical infrastructure for the European economy and supply chains.

On 4 March 2026, the European Commission released two separate communications outlining its vision for the future of the maritime sector: an Industrial Maritime Strategy and a dedicated strategy for European ports.

The first document, the EU Industrial Maritime Strategy, aims to strengthen the competitiveness and strategic autonomy of Europe’s maritime industries.

The full document is available here:
https://transport.ec.europa.eu/document/download/2cda36ec-b5fc-4cc9-9091-a8014ba8177e_en?filename=communication_on_EU_industrial_maritime_strategy_3.pdf

Beyond industrial and energy considerations, the strategy also highlights the growing importance of security challenges in the maritime domain.

The case of the ferry Fantastic (operated by the Italian company Grandi Navi Veloci, GNV) in Sète, in December 2025, is interesting for several reasons. Not so much for its technical sophistication — which remains limited — but for what it reveals about how cyber incidents are handled, particularly in the maritime domain.

Very quickly, the event was portrayed as a potentially serious case of foreign interference, or even as a scenario involving remote control of a vessel. The reality, as it gradually emerges from publicly available information, is more nuanced — and probably more instructive.

TL,DR: The BIMCO webinar, held on the 3rd of septembre 2025, was moderated by Jakob Larsen and featured NATO MARCOM officers Eric (French Navy) and Kadir (Turkish Navy) on GPS jamming and spoofing threats to maritime operations. Eric highlighted recent incidents: Ursula von der Leyen’s aircraft disrupted by jamming in Bulgaria, the merchant vessel Green Admire spoofed near Russia, and widespread interference in the Eastern Mediterranean linked to military activity. He emphasized that GNSS disruption is now a deliberate tool of hybrid warfare, not accidental.

On July 31, 2025, the CISA (Cybersecurity and Infrastructure Security Agency) and the U.S. Coast Guard (US Coast Guard, USCG) published a joint advisory (available here:
https://www.cisa.gov/sites/default/files/2025-07/joint-advisory-cisa-identifies-areas-for-cyber-hygiene-improvement-after-conducting-proactive-threat-hunt.pdf).

The document follows a proactive threat-hunting operation conducted on the network of a U.S. critical infrastructure organization. Such initiatives are aligned with the Cybersecurity Performance Goals (CPGs) jointly driven by NIST and CISA, as well as with the longstanding—and more recent—work of the USCG on maritime cybersecurity.