Marlink reports increase in maritime cyber threats

Twitter
Facebook
LinkedIn
Email
Marlink report shows continued evolution of maritime cyber threats

Marlink has released the latest global maritime cyber threat report produced by its Security Operations Centre (SOC), showing a surge in the rise of common threats in the maritime industry.

The report, based on data gathered during the first half of 2024 demonstrates the changing tactics of cyber criminals, who are increasingly attempting to bypass previously effective security controls using new tools.

Marlink’s maritime SOC actively monitored more than 1,800 vessels in the first half of 2024, including all types of cargo ships as well as cruise ships, superyachts and offshore vessels.

The data show that malicious activity in the first six months increased significantly compared to the previous year. SOC analysts observed a continued rise in common threats such as Command and Control attacks, along with the evolution of botnet attacks, which are growing in both complexity and volume.

READ: HPC puts spotlight on maritime cybersecurity

Phishing remains the top method attackers use to access corporate networks. The SOC report has also detected an increase in blacklisted malicious traffic. This highlights the importance of maintaining up-to-date threat intelligence feeds and applying strict security policies to prevent unauthorised connections to high-risk sites.

The volume of botnet activity increased substantially with new botnets emerging, leveraging more advanced techniques including AI-enhanced botnets targeting IoT devices which demonstrate more sophisticated automation capabilities.

The SOC registered 23,400 malware detections and 178 ransomware detections in the first half of 2024. Firewall events, which occur when a process or application attempts to make a connection that violates a client’s Network Security Policy, rose above 50 billion while security events reached 14.8 billion. The number of alerts increased to 1.4 million and the number of major incidents managed by the SOC reached 79.

READ: NYK Line selects Marlink to provide smart hybrid network

According to Marlink, the sharp increase in malware detection highlights the growing threat landscape, but it also showcases the effectiveness of Endpoint Detection and Response (EDR) tools in identifying and containing widespread malware.

“During the first half of the year, the threat landscape in the maritime environment monitored through the SOC has continued to evolve and surprise us compared to what we saw in 2023,” said Nicolas Furgé, President Digital, Marlink.

“Malicious actors evolving their attack patterns and launching fraudulent campaigns that bypass previously effective security controls, such as two-factor authentication, forcing us to react and raise the security level to ensure operations are safeguarded.”

Last month, the Port of Seattle isolated its critical systems after the port identified system outages consistent with a cyber-attack last month.

More recently, the Hamburg Port Consulting (HPC) hosted its ninth CONNECTING PORTS talk show earlier this month, focusing on the growing vulnerability of port facilities to cyber-attacks.


Is safety a priority in your operations?

Join the Maritime Safety Series: Port Edition, a new virtual event from Port Technology International and ICHCA, focused on improving port safety through discussion and innovation.

Daily Email Newsletter

Sign up to our daily email newsletter to receive the latest news from Port Technology International.
FREE

Supplier Directory

Be listed with industry leaders operating within Ports and Terminals

Webinar Series

Join 500+ attendees on average with a Port Technology International webinar

Latest Stories

Cookie Policy. This website uses cookies to ensure you get the best experience on our website.