Lawyer Henry Clack has seen Nigerian criminal gangs at work many times.
Clack, a solicitor at London-based law firm HFW, represents shipping firms targeted by cyber attacks. He says Nigerian groups are the most common adversaries. They have executed several high-value “man-in-the-middle” frauds in recent years.
How hackers deceive shipping companies
This type of fraud lets hackers intercept communication between two parties. They impersonate both sides to steal login data, financial information, or full computer access. Criminals then demand money to return stolen data or abandon control of systems.
HFW data shows cyber attacks on ships and ports are rising fast. Between 2022 and 2023, the average cost of an attack doubled to $550,000 (£410,000). When experts cannot remove hackers, ransom demands average $3.2m.
Shipping as a prime target
Sea transport carries about 80% of global trade. Any disruption raises costs and cuts shipping capacity.
John Stawpert, manager for environment and trade at the International Chamber of Shipping (ICS), says criminals and hostile states see shipping as a prime target. “Cyber security is a major concern for shipping, given how interconnected the world is,” he says. “The industry ranks among the top 10 targets for cyber crime. Disruption or ransomware can have huge consequences.”
Number of attacks climbing sharply
Research from the Netherlands’ NHL Stenden University shows attacks soared from just 10 in 2021 to at least 64 last year.
Jeroen Pijpker from the Maritime IT Security research group says many incidents link to Russia, China, North Korea, and Iran. He recalls one example where attackers shared target details on Telegram to disrupt shipments bound for Ukraine.
Other gangs, including Nigerian groups, focus mainly on extortion.
Digitalisation opens the door wider
Rapid digitisation has created new opportunities for hackers. Satellite services like Starlink increase connectivity, but also risk.
A US Navy chief lost her job after installing an unauthorised satellite dish on a combat ship so officers could browse the internet.
The sector’s official digitisation remains fragmented and outdated. The average cargo ship is 22 years old, and frequent upgrades are costly.
Digital tools also bring new risks such as GPS jamming and spoofing.
“GPS spoofing feeds false data into navigation systems,” says Arik Diamant of security firm Claroty. “Ships can be diverted or run aground in shallow waters.”
In May, reports linked the grounding of container ship MSC Antonia in the Red Sea to suspected GPS spoofing. Houthi rebels have attacked other ships nearby, while Russia faces blame for GPS interference in the Baltic.
Defence comes at a price
Anti-jam technology exists but is expensive. Many operators cannot afford it.
Emission sensors, which transmit data, also give hackers fresh entry points.
Stricter rules to strengthen cyber security
In 2021, the International Maritime Organization (IMO) added binding cyber provisions to its global safety management code.
HFW lawyer Tom Walters explains ships must now include mandatory cyber risk management. Measures range from basic IT hygiene to advanced operational safeguards.
“I think the industry is far better prepared than six or seven years ago,” says Stawpert. “Awareness of cyber threats is much stronger and still growing.”
Negotiating with criminals
Clack says contact with gangs is limited and controlled. Talks usually occur during ransomware cases. “It is often just one message a day, rarely more than two sentences,” he explains.
