Cybercriminals targeting maritime are refining tactics, improving operational efficiency, and embracing new technologies to broaden their attacks, Marlink‘s latest report reveals.
Marlink, a player in managed services for business-critical IT solutions, has recently published its Security Operations Centre (SOC) report for the second half of 2024.
In the six months to December 2024, the company’s global network of SOCs monitored 1,998 merchant and leisure vessels and recorded:
- 9 billion security events and 39 billion firewall events;
- 718,000 alerts and 10,700 malware incidents detected;
- 50 managed major incidents.
One of the most significant developments has been an increase in the adoption of generative artificial intelligence (genAI). Off-the-shelf large language models (LLMs) have become a critical tool for hackers, allowing them to accelerate malware development, automate phishing campaigns and refine social engineering tactics.
This has led to a surge in AI-assisted cyberattacks. Some actors have leveraged genAI to assist in developing malicious scripts and exploits designed to specifically target cybersecurity vulnerabilities (CVEs).
The cybercriminal ecosystem has become more organised, with access brokers thriving, according to Marlink. The sale of network access has doubled in the past year, as cybercriminals increasingly turned to access broker services to gain entry into corporate environments.
The increasing complexity of these cyber threats reinforces the urgent need for stronger security postures and improved cyber hygiene, reported Marlink. Marlink operates a global network of Security Operations Centres for both IT and OT solutions through its dedicated Marlink Cyber operation.
READ: Marlink enhances hybrid network for Knutsen
“H2 2024 saw a marked evolution in cyber threats, as malicious actors adopted increasingly efficient, structured, and business-like approaches to cybercrime, putting additional pressure on the maritime industry,” said Nicolas Furge, President, Marlink Cyber.
“Looking ahead to 2025, the cybersecurity landscape is expected to become increasingly complex and challenging, increasing the pressure on users to improve protection of assets and people.”
In September last year, the Port of Seattle made headlines after isolating its critical systems following outages consistent with a cyberattack.
