Maritime Computer Emergency Response Team ADMIRAL dataset ADMIRAL dataset

Welcome to ADMIRAL,
the five-star maritime cybersecurity incidents dataset!

ADMIRAL stands for Advanced Dataset of Maritime cyber Incidents ReleAsed for Literature. ADMIRAL was created 7 years ago, in 2017, to centralize disclosed cybersecurity incidents in the maritime sector for education, research, and awareness raising activities or risk and threat assessment in the maritime cybersecurity sector.

As always with figures, please be cautious when elaborating trends or facts from this data. Despite all our hard work, we only put here publicly disclosed incidents. There can be biases, due to the quality, diversity and precision of sensors. This is, by no mean, a realtime dataset of what is happening now! Most of our data is not shown here, either because we don't trust the sources or don't want to quote them, but also because most of our activity is to anticipate, prevent incidents and coordinate response. Of course, we shall never disclose any privately reported incidents and we do respect the Traffic Light Protocol, as well as the protection of sources.

The purpose of this dataset is not to point fingers at the maritime sector, its actors, manufacturers, etc. On the contrary, we are helping them on a daily basis fighting adverse cyber activities. But they need a wide support to enhance their cybersecurity resilience and defense in depth. The names of the victims are given using public references (e.g. articles). We will never quote the name of a victim if it has not been made public.

It is maintained by the team of the Maritime Computer Emergency Response Team (M-CERT) operated by France Cyber Maritime non-profit organization fostering over 90 public and private bodies in maritime cybersecurity in France.

As of today, the ADMIRAL dataset contains 459 publicly disclosed maritime cybersecurity incidents, starting in 1980 and until 2024. It gathers 16 different incident types which occurred in 64 countries, impacting 22 maritime activities subsectors.

You can explore our dynamic map, our global statistics page, our statistics by (geographic) continent, by country, by year, by threat, and by activity. You can also explore our dataset by starting by a random incident.

You can also use:

We hope this data and the work behind will be valuable to you. If they are, please respect the data source, the ethics behind, the people working on it, and take into account the contribution policy, license and reuse rules as stated on our Gitlab repository.

Last incidents added to the ADMIRAL dataset

Date (DD/MM/YYYY) Country Type Target Incident detail
14/3/2024 CH Undisclosed Transport A Canadian company, a major logistics player offering maritime transpo[...]
10/3/2024 US Virus/Ransomware Leasure An American company specializing in the sale of pleasure boats is the [...]
3/3/2024 DK Denial of service Administration The website of the Danish Merchant Marine Association is the victim of[...]
1/3/2024 DK Intrusion Defence A French company, working in the field of defense systems, is the vict[...]
29/2/2024 US Virus/Ransomware Industry An American shipyard, an important player in the construction of Coast[...]
18/2/2024 IT Denial of service Port The port communications system of the port of Trieste is the victim of[...]
18/2/2024 IT Denial of service Port The Italian Navy website is the victim of a denial of service attack c[...]
15/2/2024 IR Undisclosed Defence An Iranian ship suspected of collecting intelligence in the Black Sea [...]
4/2/2024 US Virus/Ransomware Defence A major American arms company is the victim of a ransomware attack.
30/1/2024 US Virus/Ransomware Defence An American IT development company, subcontractor of the American Depa[...]
Files generated on Friday, 07th June 2024.
ADMIRAL is licensed under the Creative Commons CC-BY-NC license. Copyright © France Cyber Maritime 2024.