In a concerted effort to bolster maritime cybersecurity, global cyber threat intelligence leader EclecticIQ has joined forces with the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE). The collaboration aims to address growing concerns around state-sponsored cyber threats targeting critical maritime infrastructure.
A NATO-affiliated report titled ‘Addressing State-Linked Cyber Threats to Critical Maritime Port Infrastructure,’ marks a significant milestone in this partnership. The report delves into the myriad cybersecurity challenges faced by maritime port facilities, particularly in NATO member and partner nations, amidst escalating digitalisation and geopolitical tensions.
The report sheds light on how state-sponsored advanced persistent threat (APT) groups like APT44 and Yellow Lideric are targeting European and Middle Eastern ports. The cyber campaigns exploit weaknesses in legacy operational technology, foreign equipment, and poorly segmented digital systems, posing risks to both civilian and military maritime operations.
One of the key takeaways is the growing convergence of IT and OT environments in modern ports, creating new attack surfaces and risks. Moreover, the report identifies critical gaps in cyber threat intelligence sharing across national agencies, port authorities, and private operators, thus exposing systemic vulnerabilities in maritime cyber readiness.
According to Cody Barrow, CEO of EclecticIQ, "Ports handle 90% of global trade and are increasingly targeted by state-sponsored actors." Barrow further emphasises that, "This NATO collaboration showcases how actionable threat intelligence can bridge the gap between identifying threats and preventing attacks, safeguarding the global economy.”
The partnership with NATO underscores EclecticIQ’s mission towards advancing collective cybersecurity through intelligence sharing and cross-sector collaboration. The initiative highlights that protecting critical national infrastructure necessitates both private sector expertise and international cooperation.
EclecticIQ played a pivotal role in the report's creation, lending deep cyber threat intelligence expertise by utilising proprietary CTI tools. These tools map threat actor tactics, techniques, and procedures (TTPs) and assess vulnerabilities within maritime port infrastructure.
The report also reflects on lessons learned from a significant ransomware attack in January 2022, which affected ICT systems at 17 ports across Western Europe, revealing urgent cybersecurity challenges facing the maritime domain.
EclecticIQ’s continuous collaboration with government and industry partners underscores its commitment to enhancing security in high-risk sectors. By offering adaptable threat intelligence solutions, the company empowers organisations to anticipate, detect, and react to evolving cyber threats effectively.