Cyberattacks on rise around the world
New rules in the US are changing reporting obligations for shipowners. Fortunately, AI tools are available to help with compliance.
Airports, retailers and car makers represent just some of the high-profile industries that have suffered cyberattacks in recent months. In the maritime industry, there’s growing acknowledgement that similar risks are accelerating, particularly in geopolitical hotspots.
Indeed, recent research from cyber intelligence firm Cyble found, ”Electronic interference, including GPS jamming and spoofing, is escalating in critical maritime chokepoints like the Persian Gulf and Strait of Hormuz, posing a serious threat to vessel safety and operational reliability.”
According to IMarEST Fellow Captain Peter McArthur, perpetrators use a remote device to overpower real GPS satellite signals and instead relay bogus positional information to hide illegal fishing, smuggling or sanctions evasion, test weaknesses in maritime navigation systems, create confusion or mislead authorities, or to prank.
The outcomes could be catastrophic. Captain McArthur concluded: “A single compromised vessel could block a port, create an environmental disaster or disrupt global trade – think what happened with the Ever Given incident in the Suez Canal, in 2021.”
While the issues with GPS spoofing are making headlines, there are other risks as a new era of hyperconnectivity collides with some assets that were built for a less digital age. The confluence of IT and OT (operational technology) systems means the attack surface can be extensive and create hidden vulnerabilities in an environment that may not have the same cyber protection developed to protect shoreside assets.
A unique environment
“The maritime environment is unique, and not all the off-the-shelf solutions understand this,” says Nir Ayalon, CEO of Cydome, a company which has developed a machine learning tool that acts as a ship’s onboard cyber security officer. “Our system knows how to connect to the maritime environment and can explain to the company where the gaps are. Fixing things at sea can be difficult, and as today’s vessels move more and more towards autonomy, it’s no longer as simple as, ‘Just go to manual mode’.”
The tool was launched to help shipowners comply with new US Coast Guard rule, Cybersecurity in the Marine Transportation System (90 FR 6298). From summer 2025, all reportable cyber incidents (including unauthorised access to systems, malware infections, and denial of service attacks) must be reported to the National Response Center immediately upon discovery.
When it comes to cyber risks, a large vulnerability can be the human in the loop, which is why crew training is an area of focus for regulators and shipowners. However, the rise of generative AI, with its ability to create deep fakes, means even a well-trained and vigilant crew member can be susceptible to manipulation.
“There’s definitely a need for better crew education and training, but the rise of AI means it’s increasingly harder to detect when something has been manipulated and is a malicious act,” concludes Ayalon. “You need AI tools to fight back against the AI. We use our machine learning to look at normal activity and detect anomalies, and if we detect something has been manipulated then we flag it and share it across the community so everyone can be prepared and protected.”
Read more: The potentially catastrophic threat of GPS spoofing in shipping.
Tell us what you think about this article by joining the discussion on IMarEST Connect.
Image: large tanker leaving a port in Dubai in the Persian Gulf, a potential hotspot for GPS jamming and spoofing. Credit: Shutterstock.
Inline image: Nir Ayalon. Credit: Cydome.
