Cybersecurity News

Maritime operations run on tight schedules and thin margins, and as ships, terminals and supply chains connect systems for visibility and efficiency, attackers gain paths to entry. Cyber risk has become an operational reliability and safety concern, not just an IT issue. “Whether we are looking at this challenge through an operational or organizational safety lens, cyber risk is a critical business risk. An incident will impact everyone,” says Michael DeVolld, Senior Director…

KVH Industries has announced that its advanced KVH linkHUB Media Server has received CREST Accreditation from CREST Cybersecurity, a not-for-profit organization that accredits companies with cybersecurity services, in areas such as security systems for confidentiality, incident response, and penetration testing. The KVH linkHUB Server and Set Top Boxes (STB), which deliver award-winning KVH Link news and entertainment content to commercial seafarers, underwent stringent analysis…

A new cybersecurity solution from Hanwha Ocean to protect critical infrastructure and operations on board floating production storage and offloading (FPSO) units received approval in principle (AiP) from American Bureau of Shipping (ABS).Hanwha Ocean, in conjunction with SIGA Data Security, developed an Operational Technology (OT) cybersecurity solution that is specifically designed to protect critical OT systems from cyber threats, enhancing the overall cyber resilience on FPSO…

The 110th session of the Maritime Safety Committee takes place from June 18-27. IMO Secretary-General Arsenio Dominguez opened the meeting by highlighting recent maritime casualties as a stark reminder of IMO's role in ensuring safety, security, and environmental protection of shipping, and the importance of implementing IMO regulations.The Secretary-General expressed his sadness at reports of four seafarers unaccounted for in an accident involving the MV Wan Hai 503 off the Indian coast days ago.

Marlink published its Security Operations Center (SOC) report for the second half of 2024, and the news for maritime is not particularly good.The report finds that cybercriminals targeting maritime have streamlined their tactics, enhanced their operational efficiency and adopted emerging technologies to expand their attack capabilities.In the six months to December 2024, Marlink’s global network of SOCs monitored 1,998 merchant and leisure vessels, and recorded:9 billion security events and 39 billion firewall events…

KVH Industries, Inc. unveiled the newest expansion to its CommBox Edge Communication Gateway–the Secure Suite threat detection and response service. Focused on detecting, preventing, and reporting cybersecurity threats, CommBox Edge Secure Suite actively identifies and blocks harmful traffic in real time to reduce the risks to vessel communications, operations, and network security. Secure Suite is fully compatible with both the CommBox Edge 6 and Edge 2 belowdeck appliances and the CommBox Edge virtual machine option…

The Arctic, once a remote and isolated frontier, is rapidly transforming into a hub of activity. Increased shipping, resource exploration, and scientific research are reshaping the region, ushering in a new wave of challenges – particularly in the critical domain of cybersecurity. As a maritime cybersecurity expert, I observe unique threats emerging in this icy environment, where fragile infrastructure, escalating geopolitical tensions, constrained communication bandwidth, and…

Marlink, a leader in managed services for business-critical IT solutions, has released External Attack Surface Management (EASM) to help protect customers from cyber threats before they strike.Following the successful launch of Marlink Cyber, this innovative solution identifies weaknesses in external digital infrastructure and supports protection measures across all market verticals served by Marlink.The growth in digitalization across maritime, energy, yachting and enterprise sectors means companies are often unaware of how exposed their digital assets can be.

The $5.4 trillion global maritime industry faces a perfect storm of cyber vulnerabilities, and a new government regulation aims to be the lighthouse guiding stakeholders to safer digital harbors.On January 17, 2025, the US Coast Guard (USCG) published a final rule titled “Cybersecurity in the Marine Transportation System,” aiming to bolster the cybersecurity posture of the nation’s marine transportation system (MTS). This rule introduces mandatory cybersecurity measures for US-flagged vessels…

Marlink, a leader in managed services for business-critical IT solutions, has created Marlink Cyber, a dedicated cyber security company to address growth of cyber threats and the increasing need for compliance.Marlink Cyber combines expertise within Marlink with the skills, resources and geographic presence gained with the acquisition of Diverto and Port-IT. Some 150 experts will focus on developing and delivering the services and solutions customers need to address emerging cyber challenges.The new company provides multiple customer benefits…

New MariOT testbed aims to strengthen shipboard cybersecurity, train next-gen maritime professionals, and foster global collaboration.Singapore has taken a major step toward fortifying the maritime industry's cyber defenses with the launch of the Maritime Testbed of Shipboard Operational Technology (MariOT), the world’s first industrial-grade cyber-physical training platform for shipboard systems. Commissioned by the Maritime and Port Authority of Singapore (MPA) and developed in partnership with the Singapore University of Technology and Design (SUTD), Singapore Maritime Institute (SMI), and industry collaborators, the new facility…

ABS issued a Type Approval for IACS UR E27 cyber resilience requirements to Hanwha Systems for its cybersecurity solution, SecuAider®.Hanwha Systems’ SecuAider® is a software solution that offers protection to a vessel’s data and networks from advanced cyberattacks, such as ransomware and malware.The ABS E27 certification is part of the ABS Cyber Resilience Program that evaluates a range of digitally enabled systems and equipment, looking at the security controls implemented at the design…

The U.S. Coast Guard (USCG) published a final rule on January 17, 2025, addressing Cybersecurity in the Marine Transportation System (the “Final Rule”), which seeks to minimize cybersecurity-related transportation security incidents (“TSIs”) within the maritime transportation system (“MTS”) by establishing requirements to enhance the detection, response, and recovery from cybersecurity risks. Effective July 16, 2025, the Final Rule will apply to U.S.-flagged vessels, Outer Continental Shelf, and onshore facilities subject to the Maritime Transportation Security Act of 2002 (“MTSA”).

Shipowners can use Marlink platform to collect data from any equipment on newbuildings and existing vessels to drive efficiency and complianceMarlink received Type Approval Certification from Bureau Veritas Marine & Offshore (BV) for its Internet of Things (IoT) data collection solution, which is designed to enable remote users to collect the data required to understand vessel efficiency, monitor fuel consumption and lower emissions in line with ESG goals. The granting of the certification by BV contributes to Marlink’s strategy of meeting customer demand for solutions spanning cyber security, hybrid networks and IoT.Benefits include…

The latest Energy Cyber Priority report from DNV Cyber has found that energy companies have started to boost investment in cybersecurity to manage the ‘greatest risk’ to the industry today as the importance of securing businesses from cyber threats reaches highest company levels.Energy companies are taking cyber threats seriously at the highest levels, as two in three energy professionals (65%) say their leadership views cybersecurity as the greatest current risk to their business…

The US Coast Guard has published a final rule in the Federal Register to update cybersecurity requirements for U.S.-flagged vessels, outer continental shelf facilities and facilities subject to Maritime Transportation Security Act of 2002 (MTSA).The rule addresses current and emerging cybersecurity threats in the marine transportation system by adding minimum cybersecurity requirements to help detect risks and respond to and recover from cybersecurity incidents. These requirements include developing and maintaining a cybersecurity plan…

The World Maritime Forum 2025, happening on February 18-19, 2025, at the AC Bella Sky Convention Center in Copenhagen, is not only the year’s most influential maritime event but also a hub for networking and business opportunities.Recognized as the "Center of Maritime", the forum offers a unique platform for suppliers, technology companies, shipowners, and ship managers to connect, collaborate, and explore transformative solutions for the industry.This year’s discussions will address critical topics such as decarbonization…

DNV acquired CyberOwl, a global presence in cyber risk monitoring and threat management onboard maritime vessels, which comes at a time when maritime must comply with a wealth of new cyber security regulation and invest in incident detection, response and recovery as increasing implementation of digitally connected systems onboard vessels create new vulnerabilities. CyberOwl provides vessel operators with analytics to identify, monitor and manage cyber threats, and evidence regulatory compliance.

ClassNK has released ‘Guidelines for Cyber resilience of ships’, which expound new IACS Unified Requirements (UR) to support the consideration of measures to ensure the cybersecurity of ships.IACS has established UR E26 for ships and UR E27 for on-board systems and equipment as URs setting minimum requirements for cyber resilience, which is the capability to reduce the occurrence and mitigate the effects of cyber incidents due to cyber-attacks or other threats. The URs have been applied to new ships contracted for construction on or after July 1…

Chinese government-linked hackers have burrowed into U.S. critical infrastructure and are waiting "for just the right moment to deal a devastating blow," FBI Director Christopher Wray said earlier this month.An ongoing Chinese hacking campaign known as Volt Typhoon has successfully gained access to numerous American companies in telecommunications, energy, water and other critical sectors, with 23 pipeline operators targeted, Wray said in a speech at Vanderbilt University on April…

Denmark-based Danelec reports it has become the first Voyage Data Recorder (VDR) manufacturer to receive new DNV Cyber Security Type Approval for IACS UR E27, for its advanced DM100 VDR platform.The International Association of Classification Societies (IACS) has introduced the new IACS Unified Requirements E27 to enhance cyber safety and protect maritime assets from cyber threats, which is now mandatory for all classed ships contracted for construction from July 1, 2024. Covering both operational and information technology systems on ships…

As digital technologies continue to permeate the international shipping industry, a newly launched organization aims to raise the standard of cybersecurity risk assessment across the maritime sector.The International Maritime Cyber Security Organization (IMCSO) will recognize appropriate cybersecurity professional certifications as well as offer certification for maritime specific knowledge. In addition, the body will maintain a register of maritime cyber security service suppliers, detailing the qualifications and expertise of those working for them.

With supply chain attacks on the rise, and nation-state attackers constantly looking for new ways to disrupt national security and economic stability, one of the most vulnerable areas is the security around our maritime operations. The Biden-Harris Administration's recent Executive Order to fortify the cybersecurity of U.S. ports underscores this concern, spotlighting the urgency of addressing vulnerabilities in a sector that drives over $5.4 trillion in economic activity annually.