All Posts - Maritimeinfosec.org

NORMA Cyber 2026 Report: a maritime threat that is primarily geopolitical, more hybrid than spectacular

Olivier JACQ — Tue, 07 Apr 2026 19:44:00 +0000

The latest NORMA Cyber annual report has the merit of placing maritime cybersecurity back where it now truly operates: in a space saturated with geopolitical tensions, logistical interdependencies, and blurred boundaries between cyber, physical, and informational domains. Its main outlook for 2026 (for those who still believe in cyber crystal balls) is that the structuring risk is not so much the “big” destructive attack as the accumulation of intelligence operations, opportunistic disruptions, and hybrid effects on already strained logistical and operational chains. In that sense, it is a less alarmist report than it may appear at first glance, and that is probably its main strength.

Maritime phishing: analysis of US Coast Guard cyber bulletin MCB 01-26

Olivier JACQ — Sat, 21 Mar 2026 18:00:00 +0000

On March 18, 2026, the US Coast Guard published a cyber bulletin titled MCB 01-26: Awareness for Increased Phishing (available at the end of this article). This short document aims to shed light on the evolution of cyber threats in the maritime sector, and more specifically on the growing role of phishing attacks in incidents affecting the Marine Transportation System (MTS). It is not specified—although it naturally comes to mind—whether the release of this bulletin is directly linked to the current conflict in the Persian Gulf and the risk of phishing attacks originating from Iran.

When Marine Technology, Ocean Development and the Law of the Sea addresses maritime cybersecurity, GNSS risks and autonomous vessels

Olivier JACQ — Sat, 21 Mar 2026 14:30:00 +0000

The collective volume Marine Technology, Ocean Development and the Law of the Sea (2026), available as open access, devotes significant attention to digital issues, with numerous occurrences of the term “cyber” and several chapters more broadly dedicated to the security of maritime systems.

GNSS, jamming and spoofing: a clearly documented risk

The chapter on maritime cybersecurity provides a detailed description of the threats affecting GNSS systems. It recalls that associated attacks (spoofing, jamming) can lead to a loss of reliable positioning and to navigation errors, directly impacting maritime safety. It also emphasizes that users must “plan” (or at least anticipate!) “potential GPS disruptions, authenticate the reliability of received data and consider alternative positioning sources” (cyber chapter, pp. 278–280).

Ireland: a 2026–2030 maritime strategy addressing cyber issues and subsea cables

Olivier JACQ — Sat, 21 Mar 2026 12:00:00 +0000

Ireland published in February 2026 its first national maritime security strategy (National Maritime Security Strategy 2026–2030).

This document marks an important evolution for this island state, which we particularly appreciate, highly dependent on its maritime infrastructure, but historically limited in terms of surveillance and protection capabilities over its maritime domain.

The strategy explicitly identifies the protection of critical infrastructure as a central issue, in particular subsea telecommunications cables and energy interconnectors (such as the Celtic Interconnector). These infrastructures are presented as essential to the country’s economic and digital functioning, in a context where a significant share of transatlantic data flows passes close to Irish waters.

Analysis of the BIMCO webinar on solutions against GNSS spoofing and jamming

Olivier JACQ — Thu, 19 Mar 2026 14:43:38 +0000

Following a previous webinar, in February 2026, in connection with current developments in the Persian Gulf, BIMCO hosted a webinar dedicated to GNSS interference. I encourage you to watch it, and here is a brief personal analysis. This webinar had an immediate merit: amid the numerous publications on the subject (particularly on LinkedIn), and although the topic is not new (especially since the conflict between Russia and Ukraine), it did not treat jamming and spoofing as a purely theoretical issue reserved for specialists, nor from a purely alarmist perspective, but as a now very real operational risk for commercial navigation.

GNSS jamming and spoofing: when a hypothesis gradually becomes a... fact

Olivier JACQ — Sun, 15 Mar 2026 10:00:00 +0000

Over the past few days, there has been a noticeable increase in publications discussing GNSS interference, particularly GPS jamming and spoofing.

This brings me back to a case that is frequently cited in public and private reports, both in France and internationally: the collision that occurred off the coast of Oman between two vessels, which continues to be mentioned as an example of a collision “linked” to GPS spoofing.

What catches my attention is not the hypothesis itself.
GNSS interference in that region is documented and certainly not a new phenomenon. It obviously deserves to be taken seriously.

Cyber Europe 2026: EU prepares cybersecurity exercise targeting maritime transport

Olivier JACQ — Sun, 15 Mar 2026 09:00:00 +0000

The European Union Agency for Cybersecurity (ENISA) is preparing a new edition of its pan-European Cyber Europe cybersecurity exercise, scheduled for June 2026.

This 8th edition of the exercise series will focus on critical transport infrastructure, particularly the maritime and rail sectors, both considered highly critical under the NIS2 Directive.

Official exercise page:
https://www.enisa.europa.eu/topics/skills-and-competences-for-companies/cyber-europe

A pan-European cyber crisis exercise

Organised every two years since 2010, the Cyber Europe series simulates complex cyber crises involving multiple EU Member States and organisations.

EU Ports Strategy highlights rising cyber threats targeting ports.

Olivier JACQ — Wed, 04 Mar 2026 09:05:00 +0000

On 4 March 2026, the European Commission also released a second communication specifically focused on European ports: the EU Ports Strategy.

This document complements the Industrial Maritime Strategy published the same day and focuses on the strategic role of ports in logistics chains, trade and European economic security.

The full document is available here:
https://transport.ec.europa.eu/document/download/8a1a9516-8efd-44ca-b308-4b3cafc59f38_en?filename=communication_on_EU_ports_strategy.pdf

The Commission highlights that European ports have become critical infrastructure for the European economy and supply chains.

EU Industrial Maritime Strategy highlights emerging cybersecurity risks.

Olivier JACQ — Wed, 04 Mar 2026 09:00:00 +0000

On 4 March 2026, the European Commission released two separate communications outlining its vision for the future of the maritime sector: an Industrial Maritime Strategy and a dedicated strategy for European ports.

The first document, the EU Industrial Maritime Strategy, aims to strengthen the competitiveness and strategic autonomy of Europe’s maritime industries.

The full document is available here:
https://transport.ec.europa.eu/document/download/2cda36ec-b5fc-4cc9-9091-a8014ba8177e_en?filename=communication_on_EU_industrial_maritime_strategy_3.pdf

Beyond industrial and energy considerations, the strategy also highlights the growing importance of security challenges in the maritime domain.

Foreign interference on a ferry in Sète: between Raspberry Pi, RAT and media overreaction

Olivier JACQ — Wed, 24 Dec 2025 17:30:00 +0000

The case of the ferry Fantastic (operated by the Italian company Grandi Navi Veloci, GNV) in Sète, in December 2025, is interesting for several reasons. Not so much for its technical sophistication — which remains limited — but for what it reveals about how cyber incidents are handled, particularly in the maritime domain.

Very quickly, the event was portrayed as a potentially serious case of foreign interference, or even as a scenario involving remote control of a vessel. The reality, as it gradually emerges from publicly available information, is more nuanced — and probably more instructive.