Maritime Cyber Security Is Too Weak

Uploaded on 2025-06-18 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Despite increasing digital integration the maritime sector remains very vulnerable to cyber threats and attacks. Indeed, there are widespread concerns that even the most advanced ships with cutting-edge green tech are too often connected to weak IT infrastructures that are vulnerable to exploitation, espionage and sabotage.

Now, Simon Fotakis, Director of Technology Sales at SmartSea, has called on the maritime industry to not forget the importance of cyber security.

“The truth is, cyber security still lags behind where it needs to be,” said Fotakis.  “We’re seeing advanced ships with cutting-edge green tech but often connected to weak IT infrastructures that are vulnerable to exploitation, espionage and sabotage.” According the Foatkis, many in the maritime industry still treat cyber security as a checkbox instead of a core capability. "It’s a dangerous disconnect from reality as a single intrusion could cripple a fleet and erase years of progress, Fotakis says.

Despite increasing digital integration, the maritime sector remains highly vulnerable to cyber threats, many of which target poorly protected onboard IT systems rather than core navigation or propulsion infrastructure.

According to the Baltic and International Maritime Council (BIMCO), one of the largest of the international shipping associations representing shipowners, over 80 percent of shipowners have experienced a cyber attack in the past three years, and the average cost of a maritime cyberattack is estimated at $3.1 million. Despite this, only 31 percent of maritime companies say they have a high level of cybersecurity preparedness and phishing remains the top attack vector, responsible for 91 percent of successful breaches in the industry.

SmartSea calls for deeper collaboration between shipping companies, insurers and cybersecurity providers to tackle the growing threat of cyber espionage and nation-state attacks. “There is a need for real-time intelligence sharing across the maritime supply chain, joint incident response planning with live scenario testing, and insurance models that reward genuine cyber maturity rather than ticking compliance boxes,” said Fotakis.

Fotakis advocates developing secure-by-design technologies from the outset rather than retrofitting security measures.

Protecting maritime assets from espionage and long-dwell intrusions,requires  a layered cyber security framework and trains crew and staff to spot phishing and social engineering tactics. It also implements strict access control and multi-factor authentication, and deploys email and endpoint security solutions and performs cyber maturity assessments to uncover hidden vulnerabilities.

SmartSea   |   Cruise Industry News  |  Ship Mgt Intl  |  CyberExperts  |   Newsbreak  

Image: Unsplash

You Might Also Read: 

Hackers Target Maritime Facilities With Malware:

If you like this website and use the comprehensive 8,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Jony Ive Partners With OpenAI To Redefine AI Hardware
Major Cybersecurity Risks In 2025 & How VPNs Help Defend Against Them »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

SOTI

SOTI

SOTI is an industry leader in Enterprise Mobility Management (EMM).

CFC Underwriting

CFC Underwriting

CFC is a specialist insurance provider and a pioneer in emerging risk, including cyber insurance.

Ground Labs

Ground Labs

Ground Labs is a security software company dedicated to making sensitive data discovery products that help organisations prevent sensitive data loss.

L J Kushner & Associates

L J Kushner & Associates

L.J. Kushner is a leading Information Security recruiting firm.

Siepel

Siepel

Siepel manufactures high quality shielded rooms and anechoic chambers dedicated to TEMPEST, NEMP & HIRF.

Cyber Security National Lab (CINI)

Cyber Security National Lab (CINI)

The Cyber Security National Lab brings together Italian academic excellence in Cyber Security research.

Visa

Visa

Visa is a global payments technology company that connects consumers, businesses and banks in more than 200 countries and territories worldwide.

Assured Enterprises

Assured Enterprises

Assured Enterprises provides comprehensive cyber risk identification, management and mitigation across all platforms.

MedCrypt

MedCrypt

MedCrypt are a team of medical device experts focused on bringing modern cybersecurity features to the next generation of healthcare technology.

MPC Alliance

MPC Alliance

A consortium of developers and practitioners of multiparty computation (MPC), committed to accelerating market awareness and adoption of MPC to increase the security and privacy of online services.

Airtel Secure

Airtel Secure

Airtel Secure’s multi-layered, full service cybersecurity offerings are designed to safeguard enterprises against threats of various kinds and origins.

Traceable

Traceable

Traceable was founded to protect applications from next-generation attacks.

Yarix

Yarix

Yarix is the leading company in Var Group’s Digital Security division and one of the most recognised, innovative and authoritative Italian companies in the IT security sector.

Sensity

Sensity

Sensity is a company that offers an AI-driven solution to detect and verify deepfakes and other forms of identity fraud.

Couno

Couno

Couno is a trusted provider of IT support services throughout the UK and Europe.

Claratti

Claratti

Clarrati are a team of innovators. Industry leaders in the cloud computing, remote working, and work-from-home space. We partner with you to empower your business for the future.