New industry findings reveal that as much as 60 percent of recently disclosed software vulnerabilities concerning ships, ports, and offshore assets are weaponized within 48 hours. This shocking statistic underscores the rapidly evolving landscape of cybersecurity threats within the maritime sector, where the adoption of artificial intelligence (AI) is accelerating at unprecedented rates for operational efficiency.
The maritime industry is integrating AI technologies to enhance operations, recruitment, and vessel maintenance. However, this digital transformation has exposed critical vulnerabilities, allowing cyberattacks to occur autonomously and often invisibly. In many cases, breaches are detected only after attackers have gained access to systems. The shift in exploitation speed is stark; in 2018, cybercriminals typically took 63 days to exploit a newly published flaw, while by 2024, that window had shrunk to just five days. Today, with AI-powered hacking tools, that timeframe has collapsed to less than 48 hours, with some systems under threat within 15 minutes of a vulnerability becoming public.
A report from maritime cybersecurity firm Cydome highlights that 87 percent of organizations now consider AI-related vulnerabilities their fastest-growing threat, indicating a troubling collapse in traditional security response protocols. Tetsuji Madarame, a maritime and logistics expert and former Head of Digital Transformation and Innovation at NYK Line, stresses the urgency of prioritizing the protection of AI-related assets as their capabilities expand into areas like autonomous navigation and optimal fleet operations.
The proliferation of edge-network devices—such as routers, firewalls, VPNs, and satellite terminals—adds layers of vulnerability to maritime operations. Cydome reports an astonishing 800 percent increase in attacks on edge infrastructure in 2025, with 20 percent of these targeting firewalls and VPNs. The rise of AI is also transforming the sophistication and speed of social-engineering attacks. Cydome’s findings indicate that 83 percent of phishing emails aimed at multinational crews are now AI-generated and tailored to specific cultural nuances.
One notable incident involved a major European energy company that lost $25 million after cybercriminals used a deepfake audio clone of the company’s CFO to authorize an urgent wire transfer. The cloned voice was so convincing that staff complied without hesitation. In another case, a compensation payment of $200,000 intended for a deceased seafarer’s family was diverted via an AI-powered email interceptor. This incident showcases the risks posed by AI-enhanced identity fraud and the potential for disruption within the industry.
Cydome reports that there are now 82 AI identities online for every human identity, complicating authentication and trust. Theofano Somaripa, Group CIO of dry bulk operator Newport S.A, anticipates that the cyber landscape in 2026 will focus on radical restructuring of business models driven by AI transformation. As companies integrate AI for operational efficiencies, they may inadvertently create opportunities for attackers to deploy autonomous, adaptive, and nearly undetectable cyber-attacks.
In a troubling example, the hacktivist group Lab Dookhtegan disconnected 116 tankers from the internet by wiping the network edge of their satellite connectivity provider, illustrating the severe operational, safety, and compliance risks that come with such attacks. Katerina Raptaki, IT Manager at Greek shipping company Navios, noted the alarming pace of AI deployment within shipping companies, outpacing the establishment of adequate cyber accountability structures. “In 2026, the question after an incident won’t be, was the AI wrong? but why was it trusted?”
Øystein Brekke-Sanderud, Head of Maritime OT/ICS Security at NORMA Cyber, cautioned that the most significant cybersecurity risks will likely come from within organizational perimeters as companies become more digitally integrated. Insider threats, whether malicious or accidental, pose significant challenges to detection and management. As maritime operations become increasingly interconnected, the report warns that the next major cyber incident may unfold too quickly for human intervention.
The Cydome Maritime Cyber Trends Report 2026, which draws on operational data and insights from industry leaders, paints a picture of an industry that is modernizing faster than it can secure itself. With cyberattacks becoming ever more sophisticated, the differentiating factor for shipping companies will be their ability to swiftly detect, respond, and maintain operational continuity in the face of these threats.
See also
AI-Driven Cyberattacks on Auto Industry More Than Double in 2025, Upstream Reports
U.S.-Israel Cyberattack Precedes Khamenei’s Assassination, Integrates AI in Warfare
CyberStrikeAI’s Open Source Launch Marks Sharp Rise in AI-Driven Cyber Attacks
Cydome Reports 150% Surge in Maritime OT Cyberattacks Driven by Ransomware in 2025
AI Threats Reach 230 Billion Daily as DDoS Attacks Surge to 31.4 Tbps, Cloudflare Reports
