3 min read

CIRM 2025: Global cyber & risk in the maritime domain

By: Dryad Global on October 20, 2025 at 2:00 PM

Cyber Security cyber risk maritime cyber security maritime cyber threats maritime cyber defence PORT CYBER

Featured Image

Last week (14–16 October 2025), the CIRM Annual Conference gathered the marine-electronics community in Lisbon to tackle the biggest technical and operational issues facing shipping today.

Representing Dryad Global, Frank Fenner (Chief Commercial Director) and Erik Speyer (Technical Director) delivered our “Global Cyber & Risk” briefing, sharing real-world incidents, trend data, and practical steps operators can take right now.   

WhatsApp Image 2025-10-15 at 09.15.33 (1)

The signal through the noise: what’s changed in 2025

 

Our presentation highlighted a set of linked threats that spanned regions and disciplines — from comms-layer disruptions to OT compromise and regulatory change. Key points included:

  • Undersea cable interference is no longer theoretical. Disruptions in multiple theatres over the last 12 months underscore how fragile maritime connectivity can be and how quickly knock-on risks cascade across fleets and ports. 

  • A coordinated cyberattack on NITC vessels left dozens unable to connect to shoreside facilities; adversaries claimed root-level access to satcom terminal OSs and disruption to Falcon maritime comms. It’s a clear example of adversaries moving beyond IT into communications infrastructure. 

  • AIS/GPS spoofing and jamming are spiking. We’re seeing sharp rises in anomalous position “jumps” and deliberate interference that degrades navigation, compliance, and safety — including national-level directives to halt navigation during outages. 

  • Cargo-infrastructure malware is real and present. From reports of backdoors in Chinese-manufactured ship-to-shore cranes to malware (e.g., Korplug) identified across European shipping firms — some directly on vessels — the crane-to-bridge attack surface is expanding. These developments sit alongside USCG MARSEC Directive 105-5 requiring additional cyber-risk measures for PRC-made STS cranes.   

  • More incidents, more actors, more cross-silo attacks. IMO noted 109 reported cyber incidents between 1 January and 17 June 2025, with attacks increasingly moving between port IT, terminal OT, and vessel systems — and likely to serve as precursors to hybrid operations. The upside: as solutions proliferate and mature, dynamic protection remains possible

Discover Cyber Voyager™

 

Why this matters to owners, operators, and ports

 

Taken together, these trends point to two worrying patterns:

  1. Growing, deliberate interference with port/terminal IT and OT, and

  2. A sharp rise in navigation-system spoofing/jamming that undermines safety, compliance, and commercial reliability. 

WhatsApp Image 2025-10-15 at 09.15.34 (3)

For leaders responsible for fleet operations, voyage planning, or terminal uptime, that means your risk picture can change mid-passage — and the interfaces between systems (satcom ⇄ ECDIS ⇄ engine control ⇄ port cranes) now matter as much as the systems themselves.

 

How Dryad Global helps

 

Dryad Global’s platforms and services are designed for exactly this blended threat environment:

  • Secure Voyager Hub (SVH): Fuses route intelligence with live incident reporting to flag geopolitical, cyber, and physical risks on current and planned tracks — including AIS sanity checks and spoofing indicators to support safer nav decisions and compliance.

  • Cyber Voyager (CV): A maritime-specific cyber-risk framework for port, terminal, and vessel IT/OT, including asset discovery, vulnerability posture, and pragmatic controls that align with MARSEC directives and IMO guidance. 

  • Threat Intelligence & Advisory: Continuous monitoring of GNSS interference, cable disruptions, and malware campaigns targeting the maritime stack, translating signals into actionable, operational advice for bridge teams and shoreside operations. 

  • Incident Response & Table-top Exercises: From playbooks to drills that practice cross-silo recovery (bridge, IT, OT, vendor), we help organisations shorten time-to-contain and keep cargo moving safely.

 

About CIRM

CIRM (Comité International Radio-Maritime) is the principal international association for companies engaged in maritime electronics and maintains close engagement with the IMO and standards-setting bodies — making its annual conference a key forum for shipping’s technical future. 

Related Posts

China’s Ten-Dash Line: Deciphering Disputes in..

South China Sea issues remain complex, but India’s geopolitical imperatives in the region are..

Indonesia’s Asean role means hope for South China..

Indonesia’s Asean role means hope for South China Sea code, but no deal expected this year.

Chinese Maritime Militia Disperses Amid Political..

A political standoff between China and the Philippines over a reef in the South China Sea has begun..

Twitter Feeds

 

Channel 16
Cross-Strait relations in the Lai era
On May 20, Lai Ching-te was inaugurated as Taiwan's new president, prompting significant military...
Know More
Reach Us

Press/media contact
Email Us

General Enquiries
Contact Us Here

    © 2024 Dryad Global. All Rights Reserved