Maritime and port cybersecurity.

As discussed several times on this site, the risks associated with satellite-based positioning and vessel tracking systems are numerous. In this context, the European Space Agency (European Space Agency, ESA) has recently announced that it is funding a feasibility study to develop solutions aimed at securing these systems.

ESA has awarded a contract to the Swiss company CYSEC SA to identify possible approaches for strengthening the security of satellite-based ship tracking and positioning services used in the maritime sector. The main risks involve spoofing and jamming of satellite positioning systems (GNSS), as discussed previously here.

The Digital Forensics and Cybersecurity Center of the Tallinn University of Technology (TalTech) and the Estonian Maritime Academy have received nearly €2.5 million in funding from the European Union to establish a maritime cybersecurity center.

Dan Heering, one of the project leaders at the Estonian Maritime Academy, explains that “the maritime industry has never really taken cybersecurity seriously, and there is still a great deal of work to be done in this area. Because there is very little publicly available information about successful cyberattacks or incidents involving ships, shipowners often underestimate the threat.”

This article lists nearly 80 public incidents that have affected the maritime sector, deliberately or otherwise, over the past twenty years. It is not intended to be exhaustive, but please let me know if you are aware of other public and corroborated cases. The aim is not to single out a company or a state, but to raise awareness of incidents that have already occurred and, when known, their consequences. I will add more over time. As always, attribution and sources should be treated with caution, as should the apparent increase in the public number of incidents. I am also gradually adding submarine cable outages.

According to ZDNet and Ilna News, Iranian officials acknowledged last Sunday that a limited number of computers were affected following a cyberattack targeting the port of Bandar Abbas in the Strait of Hormuz. ZDNet even reported that port operations were temporarily halted on Friday.

Beyond these official statements, very few details about the incident have been disclosed.

The U.S. administration has issued a maritime advisory for vessels transiting the Persian Gulf and surrounding waters. Among the risks identified are GPS interference (jamming or spoofing), as well as intrusion, jamming, and impersonation in VHF communications with ships. In some cases, vessels have reportedly impersonated U.S. or coalition ships over the radio.

Since May 2019, the U.S. authorities have recorded numerous unlawful activities in the region. In two of those cases, GPS interference occurred at the same time as other suspicious events.

In a press release, the insurer Willis Towers Watson announced the launch of a new insurance product specifically designed to cover cybersecurity risks in the maritime sector. The objective of this product is to address the incomplete coverage of cyber risks in most traditional insurance policies and to respond to the growing number of cyber incidents affecting the maritime industry.

The policy reportedly covers several situations, including: crisis management in the event of ransomware attacks, data theft, incidents involving third parties, loss of connectivity following attacks on satellite communication links, as well as cases related to GDPR and the NIS Directive.