Maritime Computer Emergency Response Team ADMIRAL dataset ADMIRAL dataset

Maritime cybersecurity in NATO - Disclosed incidents

277 maritime cybersecurity incidents disclosed for NATO

Most impacted countries - NATO

  • United states - 92 disclosed maritime cybersecurity incidents (33.2%)
  • France - 38 disclosed maritime cybersecurity incidents (13.7%)
  • Germany - 26 disclosed maritime cybersecurity incidents (9.4%)
  • Canada - 22 disclosed maritime cybersecurity incidents (7.9%)
  • Netherlands - 17 disclosed maritime cybersecurity incidents (6.1%)
  • Norway - 15 disclosed maritime cybersecurity incidents (5.4%)
  • Italy - 13 disclosed maritime cybersecurity incidents (4.7%)
  • Lithuania - 9 disclosed maritime cybersecurity incidents (3.2%)
  • Denmark - 8 disclosed maritime cybersecurity incidents (2.9%)
  • Greece - 6 disclosed maritime cybersecurity incidents (2.2%)
  • Spain - 5 disclosed maritime cybersecurity incidents (1.8%)
  • Finland - 5 disclosed maritime cybersecurity incidents (1.8%)
  • Croatia - 5 disclosed maritime cybersecurity incidents (1.8%)
  • Turkey - 4 disclosed maritime cybersecurity incidents (1.4%)
  • Bulgaria - 4 disclosed maritime cybersecurity incidents (1.4%)
  • Belgium - 3 disclosed maritime cybersecurity incidents (1.1%)
  • Poland - 3 disclosed maritime cybersecurity incidents (1.1%)
  • Portugal - 1 disclosed maritime cybersecurity incident (0.4%)
  • Estonia - 1 disclosed maritime cybersecurity incident (0.4%)

Most impacted maritime activities - NATO

  • Port - 75 disclosed maritime cybersecurity incidents (27.1%)
  • Defence - 35 disclosed maritime cybersecurity incidents (12.6%)
  • Logistics - 35 disclosed maritime cybersecurity incidents (12.6%)
  • Shipowner - 26 disclosed maritime cybersecurity incidents (9.4%)
  • Industry - 24 disclosed maritime cybersecurity incidents (8.7%)
  • Offshore - 15 disclosed maritime cybersecurity incidents (5.4%)
  • Ship - 12 disclosed maritime cybersecurity incidents (4.3%)
  • Shipyard - 10 disclosed maritime cybersecurity incidents (3.6%)
  • Transport - 9 disclosed maritime cybersecurity incidents (3.2%)
  • Administration - 8 disclosed maritime cybersecurity incidents (2.9%)
  • Mre - 6 disclosed maritime cybersecurity incidents (2.2%)
  • Organisation - 5 disclosed maritime cybersecurity incidents (1.8%)
  • It services - 4 disclosed maritime cybersecurity incidents (1.4%)
  • Classification company - 3 disclosed maritime cybersecurity incidents (1.1%)
  • Fishing - 3 disclosed maritime cybersecurity incidents (1.1%)
  • Manufacturer - 2 disclosed maritime cybersecurity incidents (0.7%)
  • Education - 1 disclosed maritime cybersecurity incident (0.4%)
  • Fluvial - 1 disclosed maritime cybersecurity incident (0.4%)
  • Insurer - 1 disclosed maritime cybersecurity incident (0.4%)
  • Undersea cable - 1 disclosed maritime cybersecurity incident (0.4%)
  • Leasure - 1 disclosed maritime cybersecurity incident (0.4%)

Most common incident types - NATO

  • Virus/ransomware - 127 disclosed maritime cybersecurity incidents (45.8%)
  • Denial of service - 78 disclosed maritime cybersecurity incidents (28.2%)
  • Intrusion - 29 disclosed maritime cybersecurity incidents (10.5%)
  • Data leak - 12 disclosed maritime cybersecurity incidents (4.3%)
  • Spearphishing - 9 disclosed maritime cybersecurity incidents (3.2%)
  • Gps/ais jamming/spoofing - 5 disclosed maritime cybersecurity incidents (1.8%)
  • Scam - 5 disclosed maritime cybersecurity incidents (1.8%)
  • Website compromission - 3 disclosed maritime cybersecurity incidents (1.1%)
  • Human error - 2 disclosed maritime cybersecurity incidents (0.7%)
  • Undisclosed - 2 disclosed maritime cybersecurity incidents (0.7%)
  • Physical hijack - 1 disclosed maritime cybersecurity incident (0.4%)
  • Malfunction - 1 disclosed maritime cybersecurity incident (0.4%)
  • Remote access - 1 disclosed maritime cybersecurity incident (0.4%)
  • Phishing - 1 disclosed maritime cybersecurity incident (0.4%)
  • Legitimate access - 1 disclosed maritime cybersecurity incident (0.4%)

Most claimed/reported threat actors having targeted NATO

  • Noname057(16) - 54 disclosed maritime cybersecurity incidents (19.5%)
  • Lockbit 3.0 - 6 disclosed maritime cybersecurity incidents (2.2%)
  • Conti - 5 disclosed maritime cybersecurity incidents (1.8%)
  • China - 4 disclosed maritime cybersecurity incidents (1.4%)
  • Revil - 3 disclosed maritime cybersecurity incidents (1.1%)
  • Bianlian - 3 disclosed maritime cybersecurity incidents (1.1%)
  • Snatch - 3 disclosed maritime cybersecurity incidents (1.1%)
  • Killnet - 3 disclosed maritime cybersecurity incidents (1.1%)
  • Black basta - 3 disclosed maritime cybersecurity incidents (1.1%)
  • Cl0p - 3 disclosed maritime cybersecurity incidents (1.1%)
  • Play - 2 disclosed maritime cybersecurity incidents (0.7%)
  • Lockbit 2.0 - 2 disclosed maritime cybersecurity incidents (0.7%)
  • Net-worker alliance - 2 disclosed maritime cybersecurity incidents (0.7%)
  • Egregor - 2 disclosed maritime cybersecurity incidents (0.7%)
  • Maze - 2 disclosed maritime cybersecurity incidents (0.7%)
  • Darkstorm team - 2 disclosed maritime cybersecurity incidents (0.7%)
  • Ryuk - 2 disclosed maritime cybersecurity incidents (0.7%)
  • Notpetya - 2 disclosed maritime cybersecurity incidents (0.7%)
  • Alphv - 2 disclosed maritime cybersecurity incidents (0.7%)
  • Anchor panda - 2 disclosed maritime cybersecurity incidents (0.7%)
  • Abyss - 1 disclosed maritime cybersecurity incident (0.4%)
  • No escape - 1 disclosed maritime cybersecurity incident (0.4%)
  • Money message - 1 disclosed maritime cybersecurity incident (0.4%)
  • Darkrace - 1 disclosed maritime cybersecurity incident (0.4%)
  • Hunters - 1 disclosed maritime cybersecurity incident (0.4%)
  • Cactus - 1 disclosed maritime cybersecurity incident (0.4%)
  • Akira - 1 disclosed maritime cybersecurity incident (0.4%)
  • Donut - 1 disclosed maritime cybersecurity incident (0.4%)
  • Us dod hacker - 1 disclosed maritime cybersecurity incident (0.4%)
  • Blackcat - 1 disclosed maritime cybersecurity incident (0.4%)
  • Dynamic duo - 1 disclosed maritime cybersecurity incident (0.4%)
  • Stormous - 1 disclosed maritime cybersecurity incident (0.4%)
  • Anonymous sudan - 1 disclosed maritime cybersecurity incident (0.4%)
  • Hive - 1 disclosed maritime cybersecurity incident (0.4%)
  • Dkd - 1 disclosed maritime cybersecurity incident (0.4%)
  • Onyx - 1 disclosed maritime cybersecurity incident (0.4%)
  • Ragnar locker - 1 disclosed maritime cybersecurity incident (0.4%)
  • Mespinoza/pysa - 1 disclosed maritime cybersecurity incident (0.4%)
  • Samsam - 1 disclosed maritime cybersecurity incident (0.4%)
  • Russia - 1 disclosed maritime cybersecurity incident (0.4%)
  • Icefog - 1 disclosed maritime cybersecurity incident (0.4%)
  • Iran - 1 disclosed maritime cybersecurity incident (0.4%)
  • The elderwood gang - 1 disclosed maritime cybersecurity incident (0.4%)
  • Sl1nk - 1 disclosed maritime cybersecurity incident (0.4%)
  • Conficker - 1 disclosed maritime cybersecurity incident (0.4%)
  • Rhysida - 1 disclosed maritime cybersecurity incident (0.4%)
Files generated on Friday, 07th June 2024.
ADMIRAL is licensed under the Creative Commons CC-BY-NC license. Copyright © France Cyber Maritime 2024.