Intel Brief

Maritime Cyber Intelligence Brief

16–30 June 2026 · Free preview. The full issue — 11 developments across six sections — ships to subscribers by email.

Two stories in brief

Full analysis, recommended actions, tabletop scenarios, and cited sources in the complete issue.

Strait of Hormuz: more than 60% of India-bound ships switch themselves off

Between 1 May and 25 June, 45 of 73 India-bound tankers and cargo ships crossing the Strait of Hormuz turned off their AIS transponders — “going dark” to lower their targeting risk amid US–Iran tensions (Kpler data, via Marine Insight). It happened on top of record-concentrated GPS jamming: Windward logged nearly 978 000 jamming events worldwide in Q1 2026, 98% of them in the Middle East Gulf.

Why it matters: this is vessel-initiated — a rational choice by masters that nonetheless blinds everyone else. In the Gulf the traffic picture now degrades from both ends at once: jamming corrupts it from outside, and ships withdraw their own reporting from inside. The absence of a track is no longer the absence of a ship.

A ransomware gang claims Germany’s principal naval shipbuilder

On 28 June the TheGentlemen group — ranked by Check Point Research as the second-most-active ransomware operation of 2026 — listed Thyssenkrupp Marine Systems (TKMS) and its marine-electronics arm Atlas Elektronik on its leak site. TKMS builds Germany’s submarines and surface combatants. As of writing, neither company has confirmed or denied, the tracker flags the entry as a possible duplicate, and no verified data sample has appeared. For now it is a claim, not a confirmed breach.

Why it matters: a claim against a NATO-tier naval builder is a different category of risk from a claim against a commercial operator — the sensitivity is sovereign, and a credible, highly active group making the claim is enough to warrant defensive assumptions across the programme’s supply chain, verified or not.

The full brief also covers

Subscribers only — the complete analysis ships by email.

Section 1 · Incidents & Attacks
🔒 Nova ransomware lists two maritime firms within days — an Antwerp ocean-freight forwarder and a Mumbai marine-engineering house
Section 2 · Regulations & Standards
🔒 USCG issues expanded cybersecurity guidance — the risk assessment becomes the gating task, with the CySO clock running to July 2027 🔒 USCG CTIME 2025, the regulator’s own telemetry — phishing now 43% of incidents; ransomware reaches a cruise ship’s hotel systems 🔒 Cyprus stands up a trilateral Maritime Cybersecurity Centre of Excellence with Israel and Greece
Section 3 · Threats — OT/ICS and GNSS/PNT
🔒 CVE-2026-56770 — a flaw in a widely used AIS decoder lets a single crafted signal crash the systems that build the traffic picture; the only maritime-OT CVE of the fortnight 🔒 USCG finds purpose-built AIS-spoofing hardware and malware aboard seized “dark fleet” tankers — the deception is engineered into the ship
Section 4 · Ports & Supply Chain
🔒 SeaSecure — hardware-gated remote access puts vendor maintenance sessions back under the captain’s control 🔒 Korea’s maritime-cyber market matures — Cyter closes a Series A and ships a class-aligned, full-lifecycle compliance product
Section 5 · People, Training & Governance
🔒 SmartSea: AI is widening the crew training gap — and a call to write cyber awareness into the STCW Convention

Every locked item carries the same depth as the two above: the pattern, the scale, the board-level read, the actions, and where it fits, a tabletop you can run with your team. Every claim cited.

Upcoming maritime cyber events — free

Public events on the forward horizon. No subscription required.

Subscribe

Past issues stay free to read in full. From the June 2026 issue, the complete brief is subscriber-only — each new issue still gets a short free summary.

Monthly
€49/mo
 
  • Full semi-monthly reports
  • Cancel anytime
Subscribe
Semi-Annual
€249/6 mo
€41.50/mo · Save 15%
  • Full semi-monthly reports
Subscribe
Best Value
Annual
€399/yr
€33.25/mo · Save 32%
  • Full semi-monthly reports
Subscribe

Also available in GBP, USD, PLN — select your currency at checkout.