Marlink Security Operations Centre report shows continued evolution of maritime cyber threats
Unique maritime cyber security resource reports continued rise in malicious activity against shipping with new, sophisticated threat vectors emerging
10.10.2024. Marlink, the leading managed services provider of business-critical ICT solutions, has released the latest global maritime cyber threat report produced by its Security Operations Centre (SOC).
The report, based on data gathered during the first half of 2024 demonstrates the changing tactics of cyber criminals, who are increasingly attempting to bypass previously effective security controls using new tools.
Marlink’s unique maritime SOC actively monitored more than 1,800 vessels in the first half of 2024, including all types of cargoships as well as cruiseships, superyachts and offshore vessels.
The data show that malicious activity in the first six months increased significantly compared to the previous year. SOC analysts observed a continued rise in common threats such as Command and Control attacks, along with the evolution of botnet attacks, which are growing in both complexity and volume.
Phishing remains the top method attackers use to access corporate networks. The SOC report has also detected an increase in blacklisted malicious traffic. This highlights the importance of maintaining up-to-date threat intelligence feeds and applying strict security policies to prevent unauthorised connections to high-risk sites.
The volume of botnet activity increased substantially with new botnets emerging, leveraging more advanced techniques including AI-enhanced botnets targeting IoT devices which demonstrate more sophisticated automation capabilities.
The SOC registered 23,400 malware detections and 178 ransomware detections in the first half of 2024. Firewall events, which occur when a process or application attempts to make a connection that violates a client’s Network Security Policy, rose above 50 billion while security events reached 14.8bn. The number of alerts increased to 1.4m and the number of major incidents managed by the SOC reached 79.
The sharp increase in malware detections highlights the growing threat landscape, but it also showcases the effectiveness of Endpoint Detection and Response (EDR) tools in identifying and containing widespread malware. This data reinforces the importance of proactive security monitoring and advanced threat detection capabilities to stay ahead of evolving threats.
During the first half of the year, the threat landscape in the maritime environment monitored through the SOC has continued to evolve and surprise us compared to what we saw in 2023. Malicious actors evolving their attack patterns and launching fraudulent campaigns that bypass previously effective security controls, such as two-factor authentication, forcing us to react and raise the security level to ensure operations are safeguarded.
About Marlink
For companies operating in the world’s most challenging environments – from merchant vessels to offshore and onshore energy operations, from humanitarian organisations to cruise ships and superyachts – Marlink creates and delivers possibilities, anywhere.
Marlink is a managed service provider and global leader in remote ICT solutions with annual revenues surpassing $800 million and 1,500 employees operating in more than 30 countries.
Wherever our customers are in the world, we deliver them possibilities to work smarter and to operate more effectively, more safely, more sustainably - without the limitations of technology.
With our possibility platform, we enable a comprehensive suite of end-to-end managed solutions (Connectivity, Network, Cyber Security, Cloud & IT, IoT & Apps), supported by professional services, unmatched global operations and delivery capabilities and local support teams.
As a global company with a local focus we help make tomorrow’s possibilities today’s realities.
For further information please visit www.marlink.com.