Lawyer Henry Clack has dealt with Nigerian criminal gangs many times.
Clack, a solicitor at London-based law firm HFW, represents shipping firms hit by cyber attacks. He says Nigerian groups are the most common adversaries. They have executed several high-value “man-in-the-middle” frauds in recent years.
How cyber fraud works
This fraud enables hackers to intercept communication between two parties. They impersonate both sides to steal login credentials, financial data, or full system access. Criminals then demand ransom to release stolen information or surrender control of computers.
HFW data shows that cyber attacks on ships and ports are rising. Between 2022 and 2023, the average cost of an attack doubled to $550,000 (£410,000). When removal fails, ransom payments now average $3.2m.
Trade routes under threat
About 80% of global trade moves by sea. Disruptions increase costs and reduce shipping capacity.
John Stawpert, environment and trade manager at the International Chamber of Shipping (ICS), says criminals and hostile states see shipping as an attractive target. “Cyber security is a major concern for shipping, given how interconnected the world is,” he explains. “The industry is among the top 10 targets for cyber crime. Ransomware or disruption can cause serious consequences.”
Attacks multiply rapidly
Research from the Netherlands’ NHL Stenden University shows a steep rise in cyber incidents. Cases jumped from 10 in 2021 to at least 64 last year.
Jeroen Pijpker of the Maritime IT Security research group links many cases to Russia, China, North Korea, and Iran. He recalls one incident where attackers used Telegram to share targeting details and disrupt deliveries to Ukraine.
Other gangs, including Nigerian groups, act mainly for extortion.
Digitalisation brings new risks
The industry’s rapid digital growth has opened more attack routes. Satellite services like Starlink expand connectivity but also exposure.
One US Navy chief lost her job after installing an unauthorised satellite dish on a combat ship so officers could access the internet.
Shipping’s digitisation often remains fragmented and outdated. The average cargo vessel is 22 years old, and upgrades are expensive.
Digitalisation also introduces risks such as GPS jamming and spoofing.
“GPS spoofing provides false positions to navigation systems,” says Arik Diamant of security firm Claroty. “It can reroute ships or push them into shallow waters.”
In May, the container ship MSC Antonia ran aground in the Red Sea after suspected spoofing. While no culprit was named, Houthi rebels have attacked nearby vessels. Russia has been accused of similar GPS interference in the Baltic.
Expensive protection measures
Anti-jam technology exists but costs remain high. Many operators cannot invest in it.
Emission sensors on ships, which transmit data, create further entry points for hackers.
Global rules tighten defences
In 2021, the International Maritime Organization (IMO) introduced binding cyber rules to its safety management code.
Tom Walters, a lawyer at HFW, says vessels must now follow mandatory risk management standards. These include basic IT practices and advanced safeguards.
“I think the industry is stronger than six or seven years ago,” says Stawpert. “Awareness of cyber risks is far higher and will keep growing.”
Talking with criminals
Clack says contact with hackers happens during ransomware negotiations. Messages are short and deliberate. “It is usually just one message a day, rarely more than two sentences,” he explains.
