Maritime cybersecurity in Europe - Disclosed incidents

Most impacted countries - Europe

• France - 38 disclosed maritime cybersecurity incidents (18.5%)
• Germany - 26 disclosed maritime cybersecurity incidents (12.7%)
• United kingdom - 22 disclosed maritime cybersecurity incidents (10.7%)
• Netherlands - 17 disclosed maritime cybersecurity incidents (8.3%)
• Norway - 15 disclosed maritime cybersecurity incidents (7.3%)
• Italy - 13 disclosed maritime cybersecurity incidents (6.3%)
• Sweden - 10 disclosed maritime cybersecurity incidents (4.9%)
• Lithuania - 9 disclosed maritime cybersecurity incidents (4.4%)
• Denmark - 8 disclosed maritime cybersecurity incidents (3.9%)
• Greece - 6 disclosed maritime cybersecurity incidents (2.9%)
• Spain - 5 disclosed maritime cybersecurity incidents (2.4%)
• Finland - 5 disclosed maritime cybersecurity incidents (2.4%)
• Croatia - 5 disclosed maritime cybersecurity incidents (2.4%)
• Cyprus - 4 disclosed maritime cybersecurity incidents (2.0%)
• Ukraine - 4 disclosed maritime cybersecurity incidents (2.0%)
• Bulgaria - 4 disclosed maritime cybersecurity incidents (2.0%)
• Switzerland - 3 disclosed maritime cybersecurity incidents (1.5%)
• Belgium - 3 disclosed maritime cybersecurity incidents (1.5%)
• Poland - 3 disclosed maritime cybersecurity incidents (1.5%)
• Russia - 2 disclosed maritime cybersecurity incidents (1.0%)
• Malta - 1 disclosed maritime cybersecurity incident (0.5%)
• Portugal - 1 disclosed maritime cybersecurity incident (0.5%)
• Estonia - 1 disclosed maritime cybersecurity incident (0.5%)

Most impacted maritime activities - Europe

• Port - 48 disclosed maritime cybersecurity incidents (23.4%)
• Shipowner - 28 disclosed maritime cybersecurity incidents (13.7%)
• Logistics - 21 disclosed maritime cybersecurity incidents (10.2%)
• Industry - 18 disclosed maritime cybersecurity incidents (8.8%)
• Defence - 15 disclosed maritime cybersecurity incidents (7.3%)
• Ship - 12 disclosed maritime cybersecurity incidents (5.9%)
• Transport - 12 disclosed maritime cybersecurity incidents (5.9%)
• Offshore - 9 disclosed maritime cybersecurity incidents (4.4%)
• Shipyard - 9 disclosed maritime cybersecurity incidents (4.4%)
• Organisation - 8 disclosed maritime cybersecurity incidents (3.9%)
• Administration - 8 disclosed maritime cybersecurity incidents (3.9%)
• Mre - 5 disclosed maritime cybersecurity incidents (2.4%)
• It services - 4 disclosed maritime cybersecurity incidents (2.0%)
• Classification company - 2 disclosed maritime cybersecurity incidents (1.0%)
• Fishing - 2 disclosed maritime cybersecurity incidents (1.0%)
• Insurer - 2 disclosed maritime cybersecurity incidents (1.0%)
• Manufacturer - 1 disclosed maritime cybersecurity incident (0.5%)
• Fluvial - 1 disclosed maritime cybersecurity incident (0.5%)

Most common incident types - Europe

• Virus/ransomware - 91 disclosed maritime cybersecurity incidents (44.4%)
• Denial of service - 66 disclosed maritime cybersecurity incidents (32.2%)
• Intrusion - 19 disclosed maritime cybersecurity incidents (9.3%)
• Gps/ais jamming/spoofing - 8 disclosed maritime cybersecurity incidents (3.9%)
• Data leak - 6 disclosed maritime cybersecurity incidents (2.9%)
• Spearphishing - 3 disclosed maritime cybersecurity incidents (1.5%)
• Scam - 3 disclosed maritime cybersecurity incidents (1.5%)
• Malfunction - 2 disclosed maritime cybersecurity incidents (1.0%)
• Undisclosed - 2 disclosed maritime cybersecurity incidents (1.0%)
• Physical hijack - 1 disclosed maritime cybersecurity incident (0.5%)
• Remote access - 1 disclosed maritime cybersecurity incident (0.5%)
• Website compromission - 1 disclosed maritime cybersecurity incident (0.5%)
• Phishing - 1 disclosed maritime cybersecurity incident (0.5%)
• Human error - 1 disclosed maritime cybersecurity incident (0.5%)

Most claimed/reported threat actors having targeted Europe

• Noname057(16) - 48 disclosed maritime cybersecurity incidents (23.4%)
• Lockbit 3.0 - 6 disclosed maritime cybersecurity incidents (2.9%)
• Cl0p - 4 disclosed maritime cybersecurity incidents (2.0%)
• Killnet - 3 disclosed maritime cybersecurity incidents (1.5%)
• Snatch - 3 disclosed maritime cybersecurity incidents (1.5%)
• Conti - 3 disclosed maritime cybersecurity incidents (1.5%)
• Anchor panda - 3 disclosed maritime cybersecurity incidents (1.5%)
• Revil - 2 disclosed maritime cybersecurity incidents (1.0%)
• Darkstorm team - 2 disclosed maritime cybersecurity incidents (1.0%)
• Black basta - 2 disclosed maritime cybersecurity incidents (1.0%)
• Net-worker alliance - 2 disclosed maritime cybersecurity incidents (1.0%)
• Maze - 2 disclosed maritime cybersecurity incidents (1.0%)
• Notpetya - 2 disclosed maritime cybersecurity incidents (1.0%)
• Hive - 2 disclosed maritime cybersecurity incidents (1.0%)
• Anonymous central - 1 disclosed maritime cybersecurity incident (0.5%)
• Alphv - 1 disclosed maritime cybersecurity incident (0.5%)
• Stormous - 1 disclosed maritime cybersecurity incident (0.5%)
• Darkrace - 1 disclosed maritime cybersecurity incident (0.5%)
• Blackcat - 1 disclosed maritime cybersecurity incident (0.5%)
• Us dod hacker - 1 disclosed maritime cybersecurity incident (0.5%)
• Conficker - 1 disclosed maritime cybersecurity incident (0.5%)
• Anonymous sudan - 1 disclosed maritime cybersecurity incident (0.5%)
• Play - 1 disclosed maritime cybersecurity incident (0.5%)
• China - 1 disclosed maritime cybersecurity incident (0.5%)
• Lockbit 2.0 - 1 disclosed maritime cybersecurity incident (0.5%)
• Altahrea team - 1 disclosed maritime cybersecurity incident (0.5%)
• Ragnar locker - 1 disclosed maritime cybersecurity incident (0.5%)
• Egregor - 1 disclosed maritime cybersecurity incident (0.5%)
• Mespinoza/pysa - 1 disclosed maritime cybersecurity incident (0.5%)
• Ryuk - 1 disclosed maritime cybersecurity incident (0.5%)
• Undisclosed - 1 disclosed maritime cybersecurity incident (0.5%)

Files generated on Friday, 07th June 2024.
ADMIRAL is licensed under the Creative Commons license. Copyright © France Cyber Maritime 2024.