John Z Black
Brunswick, ME • (207) 245-1010 • contact@johnzblack.com
The ocean used to be the resilience. A ship at sea was self-contained. Pull up anchor. Cut the radio. Keep moving. No one could touch you.
That’s not true anymore.
The maritime industry spent the last decade wiring its ships into the cloud. Navigation, cargo management, engine controls, port coordination – all connected, all satellite-linked, all constantly talking to something ashore. The efficiency gains are real. So is the exposure. CYTUR’s 2026 Maritime Cyber Threat White Paper puts a number on it: maritime cyber incidents surged 103% in 2025. Doubled. In one year.
And it’s gotten more dangerous than just GPS spoofing. Attackers are now fabricating commands and injecting false vessel data through satellite links – what CYTUR calls “asset forgery.” The ship’s console shows normal operations. The actual ship is doing something else. Because smart ships share satellite infrastructure, one attack vector can hit multiple vessels at once.
Earlier this year, a Starlink outage stopped US Navy drone ship tests cold. One provider, one outage, mission over. Commercial shipping has the same dependency, with fewer resources and less urgency to fix it.
IACS UR E26/E27, the cybersecurity framework for ship systems, became mandatory in 2026. CYTUR describes this year as the “first year of practical verification.” The early results aren’t encouraging.
The industry isn’t going to unplug its smart ships. The investment is too deep. But right now the sea has an attack surface it never had before, and the attacks are already there to prove it.