Marlink has published a comprehensive report on global maritime cyber threats from its Security Operations Centre (SOC). The document, which utilizes data from the first half of 2024, sheds light on the increasingly sophisticated tactics of cybercriminals as they adapt their methods to circumvent established security measures.
The analysis reveals a significant escalation in cyber threats compared to the previous year. Marlink analysts have noted a persistent increase in traditional threats like Command and Control attacks, with a notable evolution in botnet attacks that are becoming more complex and frequent.
Phishing continues to dominate as the primary technique for infiltrating corporate networks. Additionally, there has been a rise in traffic from blacklisted sources, emphasizing the critical need for continuous updates to threat intelligence and stringent security protocols to block unauthorized access to risky domains.
The period also saw a dramatic increase in botnet activities, with new, more sophisticated botnets emerging that utilize AI to target IoT devices, showcasing enhanced automation capabilities.
In the first half of 2024 alone, the SOC recorded 23,400 malware and 178 ransomware detections. Firewall events—instances where connections breach a client’s network security policy—surpassed 50 billion, with security-related events tallying at 14.8 billion.
Alerts rose to 1.4 million, and the SOC managed 79 significant security incidents.
This surge in malware detection not only underscores the expanding scope of cyber threats but also highlights the crucial role of Endpoint Detection and Response (EDR) tools in identifying and mitigating malware spread.
Nicolas Furgé, President of Marlink Digital at Marlink, commented on the evolving challenges, that the maritime threat landscape in 2024 has continued to evolve, presenting new challenges that were not as prevalent in 2023 as cybercriminals are refining their strategies, launching deceptive campaigns that overcome even robust security measures.
