The shipping industry is undergoing a digital transformation. From smart ships and automated ports to interconnected systems that optimize efficiency, technology is revolutionizing maritime operations. However, this digital integration comes with a growing and persistent threat—cyberattacks. As vessels become increasingly connected, their vulnerability to cyber threats escalates, making robust cybersecurity a necessity rather than an afterthought.
Recent reports, including “The Lifecycle Dilemma: Navigating Cybersecurity Risks Across Designing, Constructing and Operating a Vessel” by Thetius—commissioned by CyberOwl and HFW—highlight the cybersecurity risks at every stage of a vessel’s lifecycle. These risks not only threaten financial stability but also jeopardize the safety of crews, cargo, and the global supply chain.
The rising cyber threat in maritime
Cyber incidents, such as ransomware attacks, system breaches, and IT outages, have surged across industries, with maritime shipping no exception. The Allianz Risk Barometer 2025 ranks cyber risk as the top global threat, overtaking traditional concerns like natural disasters and supply chain disruptions. Thetius’ report underscores how inconsistencies in cybersecurity approaches—from ship design to operation—expose shipping companies to significant risks.
One alarming finding is that only 17% of shipyards have sufficient in-house cybersecurity expertise to design and construct cyber-secure vessels. Additionally, only 10% of Original Equipment Manufacturers (OEMs) integrate security-by-design in their systems, leaving shipowners unknowingly exposed to potential risks. Furthermore, many shipowners lack clear cybersecurity guidelines when taking delivery of a vessel, further compounding the issue.
The consequences of these gaps can be severe. Cybercriminals are employing increasingly sophisticated tactics, including artificial intelligence (AI)-driven attacks, to target operational technology (OT) on ships. Many vessels still operate with outdated software, making them prime targets for breaches that can result in vessel immobilization, navigation failures, and even environmental disasters.
The cost of cyber insecurity
One of the most concerning trends highlighted in the report is the ongoing issue of ransomware attacks. In 2023, 14% of shipping stakeholders admitted to paying a ransom, with an average payout of $3.2 million. While this number has dropped to 7% in the past year, with average ransom payouts falling below $100,000, the risk remains high. The decline in reported payments may reflect an increased reluctance to disclose cyber incidents rather than a true reduction in attacks.
Beyond ransom payments, the indirect costs of cyberattacks can be devastating. Operational downtime, reputational damage, regulatory fines, and lost cargo can lead to financial losses that far exceed the immediate ransom demand. The interconnected nature of global shipping means that a single cyberattack on a major vessel or port could disrupt supply chains worldwide, causing ripple effects across industries.
The need for secure-by-design vessels
Guy Platten, Secretary General of the International Chamber of Shipping, emphasizes that “designing a cyber-secure vessel is no longer a choice but a necessity.” Yet, despite this urgency, only 32% of shipowners include cybersecurity in their newbuild teams, and smaller companies often assign cybersecurity responsibilities to personnel without specialized knowledge.
The report calls for a shift toward secure-by-design principles, ensuring cybersecurity is embedded into a vessel’s architecture from the outset. This proactive approach is far more cost-effective than implementing retroactive fixes once vulnerabilities are discovered. Secure-by-design practices include:
- Building cybersecurity into ship architecture to protect critical systems from cyber threats.
- Segregating networks to ensure that breaches in one system do not compromise the entire vessel.
- Implementing monitoring systems that provide real-time alerts for suspicious activity.
- Mandating supplier compliance with cybersecurity standards to reduce risks across the supply chain.
Operational challenges and the human factor
Even with secure design and construction, cyber resilience does not end once a vessel is delivered. The responsibility for maintaining cybersecurity shifts to shipowners, who often face challenges due to decisions made during earlier stages. The report highlights a concerning lack of preparedness among crew members, with 93% admitting they feel unprepared to handle cybersecurity threats.
One of the key recommendations is improving cybersecurity training for seafarers. Many cyberattacks target human vulnerabilities, such as phishing scams that trick crew members into revealing login credentials. Conducting simulated cyberattacks and surprise drills can help crews develop the necessary skills to detect and respond to real threats.
Bridging the cybersecurity knowledge gap
Another significant issue is the knowledge gap among shipowners and shipyards regarding cybersecurity regulations. While 56% of shipowners claim awareness of new class rules, only 1 in 6 truly understands what to look for when taking delivery of a cyber-secure vessel. Additionally, 46% of shipyards express concerns about lacking the expertise needed to meet cybersecurity standards.
The IACS Unified Requirements E26 and E27 provide a framework for cybersecurity standards in new builds, but these do not apply to existing vessels. This regulatory gap leaves many ships operating without adequate cybersecurity protections. The industry must push for expanded regulations that cover the entire vessel lifecycle, ensuring cybersecurity is not just a one-time compliance exercise but an ongoing process.
A call for industry-wide collaboration
Cyber threats do not operate in isolation, and neither should the shipping industry. A major challenge in maritime cybersecurity is the lack of information sharing between companies. Many fear that reporting incidents could lead to reputational damage or legal liability, which discourages transparency. However, without a collaborative approach, cybercriminals can exploit similar vulnerabilities across multiple fleets.
To enhance cybersecurity, the industry must:
- Encourage open data sharing about cyber threats, best practices, and lessons learned.
- Develop standardized cybersecurity guidelines that apply across the supply chain.
- Foster partnerships between shipowners, regulators, and cybersecurity experts to address evolving threats.
Pooling knowledge and resources will be crucial in closing the cybersecurity gaps and ensuring that every stakeholder understands their role in protecting vessels from cyber threats.
Cybersecurity as a cornerstone of maritime safety
Thetius’ report and other recent findings make it clear that cybersecurity can no longer be treated as an afterthought. Instead, it must be a fundamental aspect of vessel design, construction, and operation.
A cyber-secure vessel is not just about compliance—it is about ensuring the safety, resilience, and long-term viability of global maritime trade. If the industry does not act now, the risks will only grow, and the cost of inaction could be catastrophic. It’s time for the shipping sector to prioritize cybersecurity on its agenda and set sail toward a safer digital future.