Lawyer Henry Clack knows Nigerian criminal gangs all too well.
Clack, a solicitor at London-based law firm HFW, represents global shipping firms struck by cyber attacks. He says Nigerian groups are the most frequent adversaries. They have carried out multiple high-value “man-in-the-middle” frauds in recent years.
How hackers infiltrate global trade
This type of fraud lets hackers intercept messages between two parties. They impersonate both sides to steal login credentials, financial data, or even full system access. Criminals then demand ransom to return stolen information or relinquish control of computers.
HFW figures reveal that attacks on ships and ports are increasing. Between 2022 and 2023, the average cost of dealing with an attack doubled to $550,000 (£410,000). When removal fails, ransom demands average $3.2m.
Why maritime targets are so exposed
Sea transport carries about 80% of global trade. Disruptions increase costs and reduce shipping capacity.
John Stawpert, environment and trade manager at the International Chamber of Shipping (ICS), warns that shipping is a prime target. “Cyber security is a major concern for shipping, given how interconnected the world is,” he says. “Shipping ranks among the top 10 targets for cyber criminals worldwide. The consequences of disruption or ransomware can be severe.”
Attacks multiply at alarming speed
A research group at the Netherlands’ NHL Stenden University tracked maritime cyber attacks. The number jumped from only 10 in 2021 to at least 64 last year.
Jeroen Pijpker of the Maritime IT Security research group links many cases to Russia, China, North Korea, and Iran. He recalls one example where equipment bound for Ukraine became a target. On Telegram, attackers exchanged details to disrupt supply chains.
Other gangs, including Nigerian groups, act mainly for financial extortion.
Digitalisation increases the risks
The shipping sector’s rapid digital growth has opened more attack routes. Starlink and other satellite services connect ships more deeply, making them more vulnerable.
One US Navy chief lost her role after installing an unauthorised satellite dish on a combat ship so officers could browse the internet.
Much of shipping’s digitisation is fragmented and outdated. The average cargo ship is 22 years old, and companies cannot dock vessels often for upgrades.
New risks include GPS jamming and spoofing.
“GPS spoofing feeds ships false positions,” explains Arik Diamant of security firm Claroty. “It can reroute vessels or even push them into shallow waters.”
In May, the container ship MSC Antonia ran aground in the Red Sea after a suspected spoofing incident. No one was accused, but Houthi rebels have attacked other ships nearby. Similar GPS interference in the Baltic has been blamed on Russia.
Defending against complex threats
Anti-jam technology exists but remains expensive. Not all operators can afford it.
Emission sensors on ships, which transmit data, also create fresh entry points for hackers.
Tougher rules to protect shipping
In 2021, the International Maritime Organization (IMO) strengthened its safety management code with binding cyber rules.
HFW expert Tom Walters says ship systems must now include mandatory cyber risk management. Defences range from basic IT practices to advanced technical safeguards.
“I think the industry is in a strong position compared with six or seven years ago,” says Stawpert. “Awareness has risen sharply and will continue to grow.”
Speaking with criminals
Clack says exchanges with hackers happen through online messaging. These talks are short and direct. “It is usually in the context of ransomware negotiations,” he explains. “Often just one message a day, rarely more than two sentences.”
