Lawyer Henry Clack has extensive experience with Nigerian criminal gangs.
Clack, a solicitor at London-based law firm HFW, represents shipping firms targeted by cyber attacks. He says Nigerian groups are the most frequent adversaries. They have carried out several high-value “man-in-the-middle” frauds in recent years.
How hackers infiltrate shipping
This type of fraud allows hackers to intercept communication between two parties. They impersonate both sides to steal login credentials, financial data, or full system control. Criminals then demand ransom to return stolen data or give up access.
HFW data shows attacks on ships and ports are rising sharply. Between 2022 and 2023, the average cost of an attack doubled to $550,000 (£410,000). If removal fails, ransom payments now average $3.2m.
Maritime trade under threat
About 80% of global trade travels by sea. Disruptions increase costs and reduce shipping capacity.
John Stawpert, environment and trade manager at the International Chamber of Shipping (ICS), warns that criminals and hostile states see shipping as a prime target. “Cyber security is a major concern for shipping, given how interconnected the world is,” he says. “Shipping ranks among the top 10 global targets for cyber crime. Ransomware or disruption can have severe consequences.”
Cyber attacks are accelerating
Research from the Netherlands’ NHL Stenden University shows maritime cyber incidents jumped from 10 in 2021 to at least 64 last year.
Jeroen Pijpker of the Maritime IT Security research group links many cases to Russia, China, North Korea, and Iran. He recalls one incident where attackers used Telegram to share target information to disrupt shipments bound for Ukraine.
Other gangs, including Nigerian groups, act primarily for financial extortion.
Digitalisation increases exposure
The shipping sector’s rapid digital growth has created new vulnerabilities. Satellite services like Starlink improve connectivity but increase risk.
One US Navy chief lost her post after installing an unauthorised satellite dish on a combat ship so officers could access the internet.
Much of shipping’s digitisation remains fragmented and outdated. The average cargo ship is 22 years old, and frequent upgrades are costly.
Digitalisation also introduces risks like GPS jamming and spoofing.
“GPS spoofing feeds false positions to navigation systems,” says Arik Diamant of security firm Claroty. “It can redirect ships or push them into shallow waters.”
In May, the container ship MSC Antonia ran aground in the Red Sea after suspected spoofing. No culprit was named, but Houthi rebels have attacked nearby vessels. Russia has been blamed for GPS interference in the Baltic.
Defending against cyber threats is costly
Anti-jam technology exists but is expensive. Many operators cannot afford it.
Emission sensors on ships, which transmit data, also create additional entry points for hackers.
Stricter regulations strengthen defences
In 2021, the International Maritime Organization (IMO) added binding cyber rules to its safety management code.
Tom Walters, a lawyer at HFW, says ships must now follow mandatory cyber risk management standards. Defences include basic IT practices and advanced operational safeguards.
“I think the industry is much stronger than six or seven years ago,” says Stawpert. “Awareness of cyber threats has grown and will continue to rise.”
Communicating with criminals
Clack explains that communication with hackers is limited and deliberate. It mostly occurs during ransomware negotiations. “Often, it is just one message a day, rarely more than two sentences,” he says.
