This week’s picture is defined by a fragile Israel–Hamas ceasefire, a conditional Houthi pause that does not remove risk to Red Sea trade, a coast-guard confrontation in the South China Sea, and a steady drumbeat of cyber threats targeting maritime and critical infrastructure.
Houthi statements indicate a pause on attacks against non-Israeli ships, contingent on Israeli adherence to the Gaza ceasefire; Israeli-flagged or linked vessels remain targets. Dryad Global assesses the truce as highly fragile and strongly advises against transiting the Red Sea/Bab al-Mandab under current conditions. Notably, a prior pause saw transits rise to ~350 per week, yet insurance costs remain 20–30% above pre-2023 levels—evidence of persistent uncertainty. With Phase 2 of the ceasefire expected by November 2025, any failure to progress could see a resurgence of attacks akin to July 2025.
Operational take: If passage is unavoidable, intensify routing and communications discipline, plan for diversions via the Cape, and review war-risk coverage and charterparty clauses accordingly.
On 12 Oct, CCG 21559 used water cannons and made physical contact with Philippine BFAR vessel BRP Datu Pagbuaya near Thitu Island, causing minor damage and forcing a course change. The US labelled the action “dangerous and escalatory”; China claimed the Philippine vessel entered its jurisdiction. The incident underscores the risk of state-on-state friction affecting commercial navigation in contested waters.
Operational take: Maintain prudent CPA from state assets, document all interactions on the bridge log, and align voyage planning and advisories with company HSSE guidance for EEZ/territorial claims.
The MIB flags a cluster of items relevant to shipowners, managers, ports, and energy terminals:
Compromise trends in network appliances/backups (e.g., firewall backup breaches); active exploitation of VMware and Oracle zero-days; activity attributed to SideWinder and China-linked actors.
Continued reports of GNSS/AIS interference and the operational risk from deepfakes/social-engineering in maritime workflows.
Attacks impacting European oil port terminals and persistent pre-positioning on US and Pacific infrastructure.
Operational take: Validate offline, immutable backups; accelerate patching cycles for edge devices; segregate OT/IT; rehearse GPS-denied navigation fallbacks; and tune SOC detections for living-off-the-land and identity-abuse patterns highlighted this quarter.
Migration pressures in the Mediterranean, stepped-up counter-narcotics activity in the Americas, Arctic defence investment, and evolving Asia–Pacific naval postures all intersect with shipping risk and insurance exposure this quarter.
Risk is multi-domain and dynamic. Fragile truces, grey-zone maritime enforcement, and cyber pre-positioning can combine quickly to raise exposure on a single voyage. Dryad Global recommends continuous voyage-specific threat monitoring, updated company guidance for Red Sea/SCS transits, and a renewed focus on cyber resilience across fleets and terminals.
If you’d like tailored routing and risk guidance, or to fuse physical and cyber signals into a single operating picture, explore Secure Voyager Hub—our configurable risk-intelligence system for shipowners, managers, ports and insurers.