Port Cyberattacks, 2011-2023

Source: Expanded from Senarak, C. (2024) “Port cyberattacks from 2011 to 2023: a literature review and discussion of selected cases” Marit Econ Logist 26, 105-130.

A look at the global pattern of cyberattacks on ports reveals four major types of events:

  • Ransomware. The most common port cyberattacks (69%) are attempts to encrypt crucial operational data stored on a network and demand a ransom for the decryption key. The 13 ransomware events of 2017 are related to the Petya cyberattack on Maersk (APMT), which spread across several of its terminals worldwide. This was a pivotal event that underlined the vulnerability of the industry and resulted in major revisions of cybersecurity protocols.
  • Intrusion. Attempts to enter an information network without the operator noticing, in order to extract an advantage (15% of port cyberattacks). A salient intrusion attack took place at the port of Antwerp in 2011, when a criminal drug cartel was able to access the container management system and hide the whereabouts of some containers carrying drugs.
  • Distributed denial of service (DDoS). Attempts to disrupt information network resources by overwhelming servers, causing financial and reputational damage (15% of port cyberattacks). In 2023, there was a surge of DDoS attacks related to the Ukraine War as Russian hacker groups tried to disrupt port facilities in nations actively supporting Ukraine.
  • Cyberwarfare. A deliberate attempt to infiltrate and disrupt port facilities as part of an active conflict. The main example concerns the disruption at the Iranian Port of Shahid Rajaee in 2020 by Israel as retaliation for cyberattacks on Israeli infrastructure.

There is no particular geographical pattern for cyberattacks. Still, a large share of the cybersecurity events has occurred in Europe and North America, with the events in South America and Africa (outside South Africa) linked with the 2017 Petya cyberattack through APMT’s terminal network. It is worth underlining that no cyberattack events have been reported from China, even though it accounts for the world’s largest container port activity.