Intentional threat sources are broadly similar to those encountered in other sectors. Rather than reproducing a long and exhaustive list of possible threat actors, it is worth noting that the French cybersecurity agency ANSSI has already documented them in detail (see p. 15 and following pages in the reference below).

Today, the most realistic threat sources include:

• state-sponsored actors, pursuing objectives such as espionage, pre-positioning within systems, or even disruption and destruction
• “casual” hackers, inspired by demonstrations or proof-of-concept attacks presented at cybersecurity conferences and attempting to reproduce them
• competitors, a possibility that cannot be completely ruled out and should at least be considered in risk assessments
• terrorist or piracy-related organizations, which could see financial or strategic value in such attacks
• collateral infections, meaning attacks that do not specifically target the maritime sector but still affect it, as is often the case with ransomware campaigns

It is worth remembering that cyber operations have several advantages for attackers: they can often be carried out anonymously, attribution is difficult, and attacks can be launched rapidly and at relatively low cost (especially when the attacker only needs to deploy existing tools).