According to a survey result from a recently released 57-page cybersecurity report by Thetius, CyberOwl, and HFW, one-fifth of shipping companies have experienced cyberattacks in the past 12 months. However, ransom costs have significantly decreased.

The key findings of the survey reveal that 7% of the participants admitted to paying a ransom after suffering a cyberattack. In 2023, nearly 14% of shipowners admitted to paying ransoms. The average cost of paying a ransom now is less than 100,000. In 2023, this figure was 100,000. In2023,thisfigurewas3.2 million.

93% of the surveyed crew members stated that they feel inadequately prepared to address current cybersecurity challenges, while 70% of the respondents believe that training could be improved through drills and exercises.

According to CyberOwl's analysis, among the more than 1,200 maritime cybersecurity cases they handled in 2024, 60% of the incidents were caused by malware spreading to ship systems. 77% of the malware was transmitted via USB drives and removable media, such as engineers' laptops.

Tom Walters, Partner at HFW, said, "With one in five shipping companies facing cyberattacks in the past 12 months, our landmark report holds significant importance. The shipping industry is increasingly reliant on technology for operations, which brings greater risks from external threat actors. It is crucial for companies to take measures to protect themselves from ongoing threats at every stage of a vessel's lifecycle."

"Currently, the lack of coordination in maritime cybersecurity regulations, guidelines, and standards is troubling us. Every year, we add more requirements, but these requirements are inconsistent in detail, which is becoming a nightmare for the industry and creating an unsustainable model for the future," commented Scott Dickerson, Director of the Global Maritime Cybersecurity Consortium.