New NATO and EclecticIQ report shines light on maritime cybersecurity

EclecticIQ collaborates with NATO CCDCOE to unveil the vulnerability of maritime ports to state-sponsored cyber threats, urging enhanced intelligence sharing and readiness.

In a concerted effort to bolster maritime cybersecurity, global cyber threat intelligence leader EclecticIQ has joined forces with the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE). The collaboration aims to address growing concerns around state-sponsored cyber threats targeting critical maritime infrastructure.

A NATO-affiliated report titled ‘Addressing State-Linked Cyber Threats to Critical Maritime Port Infrastructure,’ marks a significant milestone in this partnership. The report delves into the myriad cybersecurity challenges faced by maritime port facilities, particularly in NATO member and partner nations, amidst escalating digitalisation and geopolitical tensions.

The report sheds light on how state-sponsored advanced persistent threat (APT) groups like APT44 and Yellow Lideric are targeting European and Middle Eastern ports. The cyber campaigns exploit weaknesses in legacy operational technology, foreign equipment, and poorly segmented digital systems, posing risks to both civilian and military maritime operations.

One of the key takeaways is the growing convergence of IT and OT environments in modern ports, creating new attack surfaces and risks. Moreover, the report identifies critical gaps in cyber threat intelligence sharing across national agencies, port authorities, and private operators, thus exposing systemic vulnerabilities in maritime cyber readiness.

According to Cody Barrow, CEO of EclecticIQ, "Ports handle 90% of global trade and are increasingly targeted by state-sponsored actors." Barrow further emphasises that, "This NATO collaboration showcases how actionable threat intelligence can bridge the gap between identifying threats and preventing attacks, safeguarding the global economy.”

The partnership with NATO underscores EclecticIQ’s mission towards advancing collective cybersecurity through intelligence sharing and cross-sector collaboration. The initiative highlights that protecting critical national infrastructure necessitates both private sector expertise and international cooperation.

EclecticIQ played a pivotal role in the report's creation, lending deep cyber threat intelligence expertise by utilising proprietary CTI tools. These tools map threat actor tactics, techniques, and procedures (TTPs) and assess vulnerabilities within maritime port infrastructure.

The report also reflects on lessons learned from a significant ransomware attack in January 2022, which affected ICT systems at 17 ports across Western Europe, revealing urgent cybersecurity challenges facing the maritime domain.

EclecticIQ’s continuous collaboration with government and industry partners underscores its commitment to enhancing security in high-risk sectors. By offering adaptable threat intelligence solutions, the company empowers organisations to anticipate, detect, and react to evolving cyber threats effectively.

Certification's true value lies beyond speed, focusing on continuous system improvement for genuine...
Supermicro expands its AI edge computing solutions with Intel's advanced technologies, aiming to...
One Identity sets new course as an independent entity, focusing on identity governance with its...
A surge in AI adoption results in increased security concerns across UK and US enterprises, despite...
N-able introduces Shadow AI Visibility to monitor AI tool usage, enhancing organisational security...
Vanquis integrates Freshservice to streamline service operations, marking a development in its...
Scality and OVHcloud partner to deliver a sovereign cloud platform tailored for European digital...
Perforce Software has introduced updates to its DevOps tech stack, adding new tools for AI...