Mon. May 20th, 2024

Editor’s Note: In the thought-provoking article, “Protecting Ships from Cyber Terrorism,” by Ilan Barda, founder and CEO of Radiflow, the recent Baltimore Francis Scott Key Bridge collapse is examined through the lens of cybersecurity within the maritime industry. This piece not only sheds light on the incident but also casts a wider net over the vulnerabilities within the maritime sector—spanning from operational technologies on vessels to the intricate supply chains involved in shipbuilding. Barda outlines the multifaceted nature of maritime cybersecurity, emphasizing the urgent need for comprehensive cybersecurity measures to shield against potential cyberattacks. For professionals engaged in cybersecurity, information governance, and eDiscovery, this article serves as a reminder for action, urging for heightened awareness and robust protection strategies to safeguard critical maritime infrastructure.

Content Assessment: Protecting Ships from Cyber Terrorism

Information - 94%
Insight - 95%
Relevance - 92%
Objectivity - 92%
Authority - 94%



A short percentage-based assessment of the qualitative benefit expressed as a percentage of positive reception of the recent article by Radiflow CEO Ilan Barda, on the topic of "Protecting Ships from Cyber Terrorism."

Industry News – Cybersecurity Beat

Protecting Ships from Cyber Terrorism

Ilan Barda, Founder and CEO at Radiflow

The investigation into Baltimore’s Francis Scott Key Bridge collapse has only just begun, but we’ve already seen news reports containing an unclassified memo from the Cybersecurity and Infrastructure Security Agency (CISA) and comments from the Department of Homeland Security concerning the cause. Maryland Governor, Wes Moore, said he could confirm that “The crew notified authorities of a power issue,” adding that the ship had lost power before smashing into one of the columns supporting the bridge. At this time, there is no evidence that the incident was anything more than a tragic accident, but the involvement of these U.S. government agencies indicates concerns of a cyberattack.

Those concerns are highly warranted. For some time, maritime cybersecurity has been top of mind for regional, national, and global policymakers. In February, the Biden administration issued an executive order to bolster and safeguard critical maritime infrastructure across the United States. Other countries and regions are on alert as well. NIS2, the updated Directive from the European Union slated to go into effect later this year, also addresses maritime cybersecurity. The International Maritime Organization’s (IMO) cybersecurity guidelines encourage shipping companies and vessel operators to address cybersecurity risks and implement measures to protect their assets, as do frameworks and guidelines from additional regulatory bodies.

Vulnerable Maritime Systems

The numerous operational technologies (OT) on seafaring vessels have kept pace with digital transformations in other industries. Once powered solely by onboard fuel and propelled by engines, modern ships are hybrids, utilizing a combination of solar energy and fossil fuels in concert with a variety of smart engines. Modern propulsion systems now employ multiple connected technologies that reduce fluid friction and optimize performance. But these and other technologies can be cyber-compromised.

There are plenty of onboard systems to attack. Hackers are known to intercept satellite communications used extensively by ships at sea. They can also spoof or jam GPS systems, manipulate the automatic ID system (AIS), steal vital data, or inject malware or ransomware into any number of onboard systems via infected devices or files. Such attacks can throw a ship off course. When combined with a compromised propulsion system, the consequences can be horrific.

Attacks on operating vessels aren’t the only vulnerabilities that shippers need to be concerned about. Risk starts early in the shipbuilding process. The long, complicated process of shipbuilding introduces a complex supply chain, where numerous parts and software products originating from multiple locations and a variety of international vendors become part of the ship’s essence. During manufacture, ship components may be compromised with latent malware, as threat actors patiently wait for the right future moment to interfere with communication or navigation systems, or to exploit a remote-access backdoor to take control of the ship.

Ports and offshore facilities are also major elements of the maritime ecosystem, and they expose a collection of additional attack surfaces. Equipment and systems operating on loading docks and even oil rigs are inviting targets. These communicate with ships and can unknowingly share malware. Equipment and systems – from Chinese-made cranes to container-stacking machinery to drilling mechanisms – are in the hacker’s sights.

So, was this latest incident an accident or the result of a cyber attack?

Captain Jeffrey Spillane, the Dean of the School of Maritime Education and Training at the State University of New York System Maritime, expressed his expert opinion. He told one publication that the smoke and flickering lights of the 1,000-foot ship – visible in the videos of the collision with the Key Bridge – may be indicators of a loss of electricity, which could produce a sudden loss of propulsion and steering. Also, black smoke emanating from the vessel prior to contact with the bridge could be a further indication that a significant event occurred onboard. We will have to wait for further investigation by the experts before drawing conclusions.

Consequences of Maritime Cyber Attacks

Regardless of whether this disruptive, deadly crash was an unfortunate accident or the result of a repugnant cyber attack, it highlights the potential consequences of cyber terrorism on the maritime industry. Contacting just one column of the 1.6-mile-long bridge, the ship was able to bring large portions crashing into the water and tragically end the lives of six construction workers.

The economic damage is extensive. The Port of Baltimore – one of the busiest car import/export points in the US and home to some of the largest retailer distribution centers like FedEx, Amazon, and Home Depot – is shut down until further notice. Many of the 15,000 employees who work directly for the Port and 140,000 other employees supported by the Port’s ecosystem are out of work.

Meanwhile, the Key Bridge, a vital road transportation route, is shut down indefinitely, forcing 30,000 daily commuters to find alternate routes.

Shielding the Maritime Industry

Safeguarding maritime vessels and infrastructure against cyberattacks is complicated, especially considering the deployment of Chinese-manufactured cranes throughout US seaports. Maritime cybersecurity demands a multifaceted approach rooted in robust cybersecurity measures and continuous vigilance. A comprehensive prevention program encompassing accurate risk management, stringent access controls, continuous threat detection, and incident response planning is called for immediately.

By prioritizing cybersecurity measures in the face of evolving threats, maritime organizations can fortify their resilience against cyberattacks, ensuring the safety and integrity of their operations and to the public at large.

While this particular incident may turn out to be a very unfortunate accident, the next one might come as a result of a cyber incident. Let’s not wait.

About Ilan Barda

Ilan Barda, founder and CEO of Radiflow, is a renowned expert in the Security and Telecom industry with over 20 years of experience. His expertise in developing secure communication systems was honed during his tenure in the Information Security division of the IDF.

Assisted by GAI and LLM Technologies

Additional Reading

Source: ComplexDiscovery OÜ


Have a Request?

If you have information or offering requests that you would like to ask us about, please let us know, and we will make our response to you a priority.

ComplexDiscovery OÜ is a highly recognized digital publication focused on providing detailed insights into the fields of cybersecurity, information governance, and eDiscovery. Based in Estonia, a hub for digital innovation, ComplexDiscovery OÜ upholds rigorous standards in journalistic integrity, delivering nuanced analyses of global trends, technology advancements, and the eDiscovery sector. The publication expertly connects intricate legal technology issues with the broader narrative of international business and current events, offering its readership invaluable insights for informed decision-making.

For the latest in law, technology, and business, visit


Generative Artificial Intelligence and Large Language Model Use

ComplexDiscovery OÜ recognizes the value of GAI and LLM tools in streamlining content creation processes and enhancing the overall quality of its research, writing, and editing efforts. To this end, ComplexDiscovery OÜ regularly employs GAI tools, including ChatGPT, Claude, Midjourney, and DALL-E, to assist, augment, and accelerate the development and publication of both new and revised content in posts and pages published (initiated in late 2022).

ComplexDiscovery also provides a ChatGPT-powered AI article assistant for its users. This feature leverages LLM capabilities to generate relevant and valuable insights related to specific page and post content published on By offering this AI-driven service, ComplexDiscovery OÜ aims to create a more interactive and engaging experience for its users, while highlighting the importance of responsible and ethical use of GAI and LLM technologies.