by Bolaji Raheem*
Global shipping has always carried risk, from storms and piracy to shifting trade winds. But in 2025, the most disruptive danger is neither on the horizon nor at the quay. It lies in the invisible realm of algorithms and networks. As artificial intelligence (particularly generative AI) continues to evolve, it is enabling cybercriminals to design convincing phishing campaigns, automate malware creation, and identify vulnerabilities across fleets in record time. What once demanded advanced expertise is now accessible to a much broader range of attackers, raising the stakes for the entire maritime sector.
In the second half of 2024, Marlink’s Security Operations Center recorded 39 billion firewall events, more than 10,700 malware infections, and 50 major cyber incidents across fewer than 2,000 monitored vessels. These figures underline a worrying trend: maritime cyber disruption is no longer an isolated occurrence but a persistent operational threat. The economic impact can be severe. The NotPetya attack on A.P. Moller–Maersk in 2017 cost the company between USD 200 million and 300 million, paralysing terminals worldwide and forcing a full-scale IT rebuild. While large firms may survive such incidents, smaller operators often lack the resources to recover, making cyber resilience a critical safeguard for the industry’s long-term stability.
The effects of cyber incidents extend beyond financial loss. Attackers increasingly aim to disrupt operations rather than steal data. Regulators, led by the International Maritime Organization through Resolution MSC.428(98), now require cyber risk management within every Safety Management System. Insurers and charterers are also placing greater emphasis on demonstrable digital resilience. Above all, reputational damage can persist long after systems are restored, undermining client trust and confidence in a company’s reliability.
To address this growing threat, the industry should take a more proactive and collaborative stance. A key recommendation is the creation of a Maritime Cyber Intelligence Exchange (MCIX)– a collective platform that would allow operators, ports, and suppliers to share anonymised incident data, monitor AI-driven attack patterns, and distribute real-time alerts. Such an initiative would help organisations detect and contain threats more efficiently.
Alongside this, integrating AI-powered monitoring systems both onboard and ashore would strengthen early warning capabilities and provide real-time visibility into potential threats. To complement this, enforcing cybersecurity standards across vendors and supply chain partners would help close critical gaps that often serve as entry points for attackers. Equally, routine cyber drills would ensure that crews are not only technically prepared but also confident in their ability to respond swiftly and effectively when incidents arise. Finally, the insurance sector can play a pivotal role by offering incentives to companies that embrace shared intelligence and maintain strong, verifiable defence protocols, reinforcing a culture of proactive digital resilience across the maritime ecosystem.
By embedding cybersecurity into daily operations and fostering information sharing across the maritime community, the industry can transform digital defence from a reactive obligation into a proactive strength. Shipping has weathered centuries of natural and economic storms, yet today’s most dangerous threat is silent and digital. Protecting networks has become as vital as navigating the seas, and by acting collectively, the maritime sector can secure its future with both confidence and resilience.
__
* Bolaji Raheem is a trainee solicitor with experience and knowledge within the technology and legal industry, with particular interests in the commercial and shipping world.
