Posted on October 11, 2024
The report revealed the emergence of botnets that use AI to target IoT devices with advanced automation.
Marlink’s latest global maritime cyber threat report, generated by its Security Operations Centre (SOC), has revealed a significant evolution in cyber threats within the maritime industry.
Based on data from the first half of this year, the report showed cybercriminals were deploying new tools to overcome established security controls.
During this period Marlink’s SOC actively monitored over 1,800 vessels, including various cargo ships, cruise ships, superyachts, and offshore vessels.
The data indicated a significant rise in malicious activity compared to the previous year, with analysts noting an uptick in common threats like control and command attacks and the evolution of botnet attacks in both complexity and volume.
Phishing continued to be the primary method used by attackers to infiltrate corporate networks.
The SOC report also recorded an increase in blacklisted malicious traffic, underscoring the necessity for current threat intelligence and stringent security policies to block unauthorised access to high-risk sites.
Marlink Digital president Nicolas Furgé said: “During the first half of the year, the threat landscape in the maritime environment monitored through the SOC has continued to evolve and surprise us compared to what we saw in 2023.
“Malicious actors are evolving their attack patterns and launching fraudulent campaigns that bypass previously effective security controls, such as two-factor authentication, forcing us to react and raise the security level to ensure operations are safeguarded.”
The report further revealed the emergence of new, more botnets, some of which utilise artificial intelligence (AI) to target Internet of Things (IoT) devices with advanced automation capabilities.
The Centre registered 23,400 malware and 178 ransomware detections in the initial six months of 2024.
Firewall events, indicating attempts to breach a client’s Network Security Policy, exceeded 50 billion, while security events surged to 14.8 billion. Alert numbers climbed to 1.4 million, with the SOC managing 79 major incidents.
This increase in malware detection not only pointed to a growing threat landscape but also demonstrated the effectiveness of Endpoint Detection and Response (EDR) tools in identifying and mitigating malware spread.
The findings underscored the critical need for proactive security monitoring and advanced detection of threats to stay ahead of the rapidly evolving cyber threats in the maritime sector, according to the Centre.