Back
AI Is Accelerating Maritime Cyber Threats — And Ships May Have Less Than 48 Hours to Respond
AI Is Accelerating Maritime Cyber Threats — And Ships May Have Less Than 48 Hours to Respond
Artificial intelligence is rapidly transforming shipping operations — from fleet optimisation to recruitment. But new research shows the same technology is also accelerating cyberattacks, shrinking the time companies have to respond to vulnerabilities to just hours.
Artificial intelligence is reshaping digital systems across the maritime sector. Yet security specialists warn the industry may be adopting AI faster than it can defend against the risks it introduces.
New research from maritime cybersecurity firm Cydome suggests that up to 60% of newly discovered software vulnerabilities in maritime systems are now weaponised within 48 hours.
The pace of cyber exploitation has changed dramatically over the past decade. In 2018, hackers typically took around 63 days to exploit a newly disclosed system flaw. By 2024, that window had shrunk to five days. Today, AI-assisted attack tools can reduce that time to less than two days, with some vulnerabilities targeted within 15 minutes of discovery.
AI Is Changing Both Sides of the Cyber Battlefield
The maritime sector is increasingly deploying AI across shipboard systems, logistics platforms, predictive maintenance tools and crew management software.
According to Tetsuji Madarame, former Head of Digital Transformation at NYK Line, the evolution from generative AI to more autonomous “agentic” systems means shipping companies must prioritise protection of AI-related assets.
Cybersecurity specialists warn that the same AI capabilities improving operational efficiency are also enabling attackers to scale their efforts.
A recent industry survey found 87% of organisations now consider AI-related vulnerabilities the fastest-growing cybersecurity threat.
AI-Driven Phishing Targets Global Crews
One of the most immediate threats involves AI-enhanced phishing.
Researchers say 83% of phishing emails now use AI tools to tailor messages in the recipient’s native language — an important factor in a global industry with multinational crews.
More concerning is the explosion of voice phishing (vishing) attacks. AI voice cloning tools can now mimic executives with striking accuracy.
In one widely cited case, attackers used a deepfake audio replica of a company’s chief financial officer to convince staff to authorise a $25 million wire transfer.
Another incident involved an AI-intercepted email redirecting a $200,000 crew compensation payment to criminals instead of the intended seafarer’s family.
Identity Fraud and Fake Employees
Cybercriminals are also using AI to infiltrate organisations directly.
One company unknowingly hired a fraudster who used an AI-enhanced identity photo and stolen credentials to pass four video interviews. The individual masked their real location using a network of remote computers while attempting to access internal company systems.
Security analysts note that digital identity manipulation is becoming more common as AI agents proliferate online.
Vulnerabilities at the Network Edge
Many attacks are targeting infrastructure devices that connect ships to shore.
According to the report, cyberattacks against “edge devices” such as routers, VPN systems, and firewalls increased 800% in 2025, with around 20% specifically targeting firewall and VPN systems.
One notable incident saw a hacktivist group known as Lab Dookhtegan disrupt connectivity across 116 tankers.
By compromising a satellite connectivity provider, attackers erased the VSAT network partitions on the vessels’ hard drives, cutting ships off from the internet and disabling ship-to-shore communications.
The outage created operational disruptions, safety risks, and regulatory concerns as vessels temporarily lost communications systems including VOIP.
The Next Cyber Risk May Come From Inside
Security experts warn that as maritime companies digitise operations, the biggest threat may no longer come from outside attackers alone.
According to Øystein Brekke-Sanderud, maritime OT security lead at NORMA Cyber, insider risks — whether malicious, compromised, or accidental — will become one of the most difficult cyber threats to detect.
Meanwhile, Panagiotis Anastasiou of Bureau Veritas says cyber incidents are now inevitable in complex digital environments.
For shipping companies, the real competitive advantage may lie in how quickly they can detect an attack and maintain operations while responding.
Why This Matters
- Ships are becoming digital targets: AI-powered attacks can exploit software flaws within hours, leaving minimal time for operators to respond.
- Crew and finance systems are vulnerable: AI phishing and voice cloning are increasingly targeting payroll, procurement, and financial approvals.
- Connectivity risks are growing: Compromised satellite or edge network systems can disconnect entire fleets, creating operational and safety hazards.
- Cyber resilience is now operational resilience: Shipping companies will increasingly be judged by how quickly they detect and recover from cyber incidents — not just how well they prevent them.
US Torpedo Sinks Iranian Warship Returning from Indian Naval Drill, Dozens Dead
US Allows Temporary Russian Oil Shipments to India as Energy Markets Tighten
Energy Markets Jolt as Middle East Conflict Disrupts Oil, LNG and Global Shipping
