In an unassuming operations room overlooking Oslo’s serene fjord, cyber analysts at the Nordic Maritime Cyber Resilience Centre (Norma Cyber) are bracing for a Maritime Security Crisis . While the idea of hackers taking remote control of ships and steering them into disaster may sound like a thriller plot, the experts at Norma Cyber warn it’s a real and looming threat.
With maritime systems becoming increasingly digital, ships are now more vulnerable to cyberattacks than ever before. Øystein Brekke-Sanderud, a senior analyst at Norma Cyber, explains that artificial intelligence could allow hackers to quickly penetrate complex maritime systems, asking AI tools to decode systems, identify vulnerabilities, or even retrieve passwords from lengthy manuals. “It’s no longer a question of if, but when,” he says.
Norma Cyber, in collaboration with the Norwegian Shipowners’ Association and the Norwegian Shipowners’ Mutual War Risks Insurance Association, was established two years ago to monitor and respond to both physical and digital threats to global maritime infrastructure. The organization tracks potential cyberattacks, terrorist threats, and geopolitical tensions that could endanger sea-based trade and travel.
Sabotage, Espionage, and Rising State-Backed Cyber-Attacks
Maritime systems can be crippled without dramatic takeovers. As Lars Benjamin Vold, managing director of Norma Cyber, notes, a Maritime Security Crisis failure could disable navigation or cause blackouts onboard. Hackers could also manipulate ballast systems that maintain a ship’s stability or disrupt satellite communication tools, as demonstrated in a recent cyber-attack on 116 Iranian VSAT modems.
Global powers are becoming more strategic in their use of maritime cyber tools. Iran, Russia, and China have all been linked to research or operations aiming to compromise ships for espionage or disruption. Civilians’ vessels, like fishing or research boats, have also been repurposed for intelligence gathering, especially in high-risk zones like the Arctic and Baltic Seas. A China-linked cyber group known as Mustang Panda has even used USB devices to breachMaritime Security Crisis.
In 2023 alone, Norma Cyber recorded 239 disruptive cyber incidents targeting maritime infrastructure, many of them traced to the pro-Russian group NoName057(16). Amid such challenges, traditional seamanship is regaining value. In regions like the Baltic, where satellite navigation systems have faced frequent jamming allegedly by Russia, crews have had to rely on manual navigation, underscoring the need for age-old skills in a high-tech era.
The Shadow Fleet and Internal Tensions
The digital threats are only part of a larger storm. The emergence of a “shadow fleet” of aging, unregulated oil tankers transporting sanctioned Russian crude to nations like China and India has raised alarms. Estimated at 600 to 900 vessels, these ships operate outside international norms, evading sanctions, hiding identities, and posing major environmental and safety risks.
Line Falkenberg Ollestad of the Norwegian Shipowners’ Association warns that this parallel fleet is forming a substandard, underinsured maritime economy. Many of these vessels are over 15 years old, poorly maintained, and difficult to monitor. If one were to leak or crash near Norway’s coast, the environmental and logistical fallout could be severe.
Meanwhile, the human element adds another layer of complexity. With roughly 15% of global seafarers hailing from Ukraine or Russia, tensions on board have escalated since the invasion of Ukraine. “You can’t have a Russian captain steering a ship carrying aid to Ukraine,” says DNK’s managing director, Svein Ringbakken.
As maritime vulnerabilities rise both from external attacks and internal pressures, the industry faces tough questions. Is the spread of the shadow fleet irreversible? Can the digitalization of shipping be secured? For now, those tasked with defending the seas are watching closely, knowing that the next wave of threats is already underway.
