AI cyber threats are rising fast in the shipping industry

Rapid adoption of artificial intelligence across the shipping industry is creating new cyber-security vulnerabilities, according to newly released research.

Shipping companies are increasingly using AI to optimise operations, recruitment and maintenance. However, security analysts warn that the pace of adoption is outstripping the sector’s ability to protect itself against sophisticated attacks.

New data indicates that up to 60% of newly disclosed software vulnerabilities affecting ships, offshore systems and shore-based infrastructure are now weaponised within 48 hours. Hackers are also beginning to use AI-driven tools to accelerate their own attacks.

In 2018, the average time between a vulnerability being published and an attack occurring was 63 days. By 2024 this had fallen to five days. Today, some systems are targeted within just 15 minutes of a flaw being identified.

Tetsuji Madarame, a distinguished maritime and logistics expert and former Head of Digital Transformation and Innovation at NYK Line, warns that as AI moves from generative systems toward agentic and physical models, including autonomous navigation and fleet optimisation, “protecting AI-related assets must be a top priority.”

Research from Cydome suggests 87% of organisations now see AI-related vulnerabilities as the fastest-growing cyber risk.

Phishing campaigns have become significantly more convincing, with 83% of phishing emails already using AI to target multinational crews in their native language. Voice phishing, or vishing, has surged by 1600%, with AI cloning executive voices to authorise fraudulent transfers.

In one incident, attackers used a deepfake audio clone of a company’s CFO to fraudulently authorise a US$25 million payment.

Another case saw a US$200,000 crew compensation payment diverted through an AI-based email interception attack.

Security specialists also warn that maritime networks are increasingly vulnerable through edge devices such as routers, firewalls and VPNs. Attacks targeting these systems increased by 800% in 2025, with 20% aimed directly at firewalls and VPNs.

A previous incident saw hacktivist group Lab Dookhtegan disrupt connectivity across a fleet of 116 tankers after compromising the infrastructure of a satellite communications provider. VSAT partitions on ship hard drives were wiped, resulting in a complete loss of connectivity and control over ship-to-shore VOIP services.

Experts warn that insider risk is also growing as maritime organisations become more digitally integrated.