Maritime Industry Cybersecurity Threats in 2025: Advanced Persistent Threats (APTs), Hacktivism and Vulnerabilities

Authors

Minodora Badea, National University of Science and Technology "Politehnica" Bucharest
Olga Bucovetchi, National Institute for Research and Development in Informatics-ICI Bucharest
Adrian V. Gheorghe, Old Dominion UniversityFollow
Mihaela Hnatiuc, Constanta Maritime University
Gabriel Raicu, Constanta Maritime University

Document Type

Article

Publication Date

2025

DOI

10.3390/logistics9040178

Publication Title

Logistics

Volume

9

Issue

4

Pages

178

Abstract

Background: The maritime industry, vital for global trade, faces escalating cyber threats in 2025. Critical port infrastructures are increasingly vulnerable due to rapid digitalization and the integration of IT and operational technology (OT) systems. Methods: Using 112 incidents from the Maritime Cyber Attack Database (MCAD, 2020-2025), we developed a novel quantitative risk assessment model based on a Threat-Vulnerability-Impact (T-V-I) framework, calibrated with MITRE ATT&CK techniques and validated against historical incidents. Results: Our analysis reveals a 150% rise in incidents, with OT compromise identified as the paramount threat (98/100 risk score). Ports in Poland and Taiwan face the highest immediate risk (95/100), while the Panama Canal is assessed as the most probable next target (90/100). State-sponsored actors from Russia, China, and Iran are responsible for most high-impact attacks. Conclusions: This research provides a validated, data-driven framework for prioritizing defensive resources. Our findings underscore the urgent need for engineering-grade solutions, including network segmentation, zero-trust architectures, and proactive threat intelligence integration to enhance maritime cyber resilience against evolving threats.

Rights

© 2025 by the authors.

This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution 4.0 International (CC BY 4.0) License.

Data Availability

Article states: "The original data presented in the study are openly available in MCAD dataset at https://maritimecybersecurity.nl. Further data presented in this study are available on request from the corresponding authors."

ORCID

0000-0003-2830-675X (Gheorghe)

Original Publication Citation

Badea, M., Bucovetchi, O., Gheorghe, A. V., Hnatiuc, M., & Raicu, G. (2025). Maritime industry cybersecurity threats in 2025: Advanced persistent threats (APTs), hacktivism and vulnerabilities. Logistics, 9(4), Article 178. https://doi.org/10.3390/logistics9040178

Repository Citation

Badea, Minodora; Bucovetchi, Olga; Gheorghe, Adrian V.; Hnatiuc, Mihaela; and Raicu, Gabriel, "Maritime Industry Cybersecurity Threats in 2025: Advanced Persistent Threats (APTs), Hacktivism and Vulnerabilities" (2025). Engineering Management & Systems Engineering Faculty Publications. 273.
https://digitalcommons.odu.edu/emse_fac_pubs/273