ADAKU ONYENUCHEYA reports an urgent need to invest in risk management to secure Nigeria’s maritime digital infrastructure against emerging cyber threats that could disrupt trade, cause economic losses, and compromise national security.

The surge in sophisticated cyberattacks targeting shipping and ports has raised concerns about underinvestment in proactive risk management, which is emerging as a critical threat to maritime safety.

A Maritime Cyber Threat White Paper 2026, recently released by Cyber Trust and Resilience (CYTUR), a cybersecurity firm, shows that maritime cyber incidents surged by 103 per cent in 2025, with about 828 cases recorded compared to 408 incidents in 2024.

According to the report, these cyber threats have moved beyond data breaches, Operational Technology (OT) system, loss of control and Global Positioning System (GPS) jamming and spoofing to include Distributed Denial of Service (DDoS) attacks, ransomware and malware infections, which now account for the majority of incidents, with their growth rate more than doubling over the past year.

Growing risks as concern for industry players
The report also revealed that cyberattacks on the maritime industry are unfolding along two primary axes, which include direct attacks aimed at seizing physical control of vessels, and supply chain attacks designed to paralyse the broader maritime ecosystem.

Lloyd’s Register had highlighted the growing risks of cyber threats, including ransomware, navigation system hacks and communication disruptions, which are causing financial loss, endangering lives and disrupting global trade.

Also, Dryad Global highlighted an increasingly complex and dynamic cybersecurity landscape in the maritime industry in 2025, noting that cybercriminals are leveraging advanced technologies, such as Artificial Intelligence (AI) and large language models (LLMs), to launch more adaptive and precise attacks aimed at crippling critical systems on vessels and within port infrastructure.

Chief Data and Analytics Officer, Pole Star Global, Saleem Khan, raised an alarm that the shipping and marine sector is becoming increasingly familiar with the complexity of the attacks, which are becoming more sophisticated with their financial implication rising.

Holman Fenwick Willan (HFW), an international law firm, and CyberOwl disclosed that cybercrime is projected to become a $10.5 trillion industry by 2025, underscoring the urgency of addressing the challenges in the maritime sector.

Both firms further revealed that the average cyber-attack in the maritime industry ends up costing the target organisation about $550,000, up from $182,000 in 2022, while the demands for ransom increased by more than 350 per cent, with the average ransom payment at $3.2 million from $3.1 million in 2022.

The maritime sector is increasingly adopting technology to automate shipping and port operations for seamless trade facilitation. In fact, the International Maritime Organisation (IMO) urged maritime nations to build smart ports and a maritime single window for efficiency.

While developed countries have automated their maritime operations, Nigeria has also taken a digital leap in port modernisation and is expected to go fully paperless by the second quarter of 2026.

The digital ecosystem is designed to ensure that terminal and port operations are seamless to enhance trade facilitation, transparency and competitiveness, while minimising delays and preventing financial losses to businesses and the government.

FG deepens safety measures via digital platforms
Ministries, Departments and Agencies (MDAs) in the maritime sector are advancing the digital transformation drive by adopting emerging technologies such as blockchain and the Internet of Things (IoT), among others, to facilitate faster, more transparent and cost-efficient trade processes.

However, the Nigeria Customs Service (NCS) has deployed the B’Odogwu platform, the Nigerian Shippers’ Council (NSC) has implemented the Enterprise Content Management System (ECMS), and the Nigerian Maritime Administration and Safety Agency (NIMASA) has adopted the Maritime Enhanced Monitoring System (MEMS), while the Nigerian Ports Authority (NPA) is expected to launch its Port Community System (PCS), while the Federal Government’s National Single Window system take off March 1, 2026.

In addition to these major digital platforms, there are others, such as the electronic call-up system for truck movements to and from the ports, as well as terminal operators’ and shipping companies’ systems for container clearance.

However, cybercriminals are intensifying their efforts to circumvent these systems in the country.

Last year, the Nigeria Customs Service (NCS) experienced a cyberattack on its Information Communication Technology (ICT) platform – the B’Odogwu system, which disrupted cargo clearance operations and paralysed the import-export workflow at major ports across the country.

This attack led to significant losses in terms of demurrage fees on containers that were delayed at the ports and revenue for the NCS.

Although the NCS said measures were put in place to forestall future attacks, cybercriminals are not resting on their part.

Marlink Cyber, an Information Technology (IT) solutions firm, said the cybersecurity landscape in 2025 has become increasingly complex and challenging, raising the pressure on maritime operators to improve the protection of assets and people.

The firm, in its Security Operations Centre (SOC) report for the second half of 2024, alerted that cybercriminals targeting the maritime sector have enhanced their tactics and operational efficiency, adopting emerging technologies to expand their attack capabilities.

According to the report, cybercriminals are increasing their use of AI-driven, sophisticated methods to target both IT and Operational Technology (OT) systems.

The report also revealed that the cybercriminal ecosystem has become more organised as they have increasingly turned to access broker services to enter corporate environments, such that the sale of network access has doubled in the past year.
“Hackers are evolving tools and tactics, using next-generation technology and commercially available software to exploit vulnerabilities,” the report stated.
CYTUR’s white paper stated that ports handle approximately 80 per cent of global trade, with large-scale port terminals becoming prime targets for ransomware.

CYTUR report revealed that attackers encrypt Terminal Operating Systems (TOS) to completely halt container loading and unloading operations, subsequently demanding exorbitant ransoms.

According to the report, paralysing cargo handling systems and logistics data of even a single major port can bring container operations to a halt and trigger a severe bottleneck effect across the entire global supply chain.

The report also noted that cybercriminals are planting malware into update servers or management tools, which has the highest impact, as a single breach can simultaneously distribute malicious code to maritime operators that utilise the compromised software.

Stakeholders explore solutions
Experts have warned that maritime infrastructure in Africa is highly vulnerable to cyberattacks due to the widespread use of outdated technology and inadequate regulatory policies.

Anti-piracy Security Head at Trident Group America Inc, Prof. Alfred Oniye, said while the maritime sector is increasingly adopting technologies for smooth operation, cybercriminals have also found new opportunities to exploit the vulnerabilities in port operations and vessel navigation systems.

Oniye, who is also a dean of faculty at City University, said outdated technologies in many ports and vessels expose the region to cyber threats.

He said the region’s maritime sector is often ill-equipped to defend against modern cyber threats, leaving it vulnerable to cybercriminals.
The Institute for Security Studies had reported that the growing vulnerabilities are due to the reliance on legacy systems that are no longer capable of safeguarding operations from cyber intrusions.

The institute’s report revealed that several major African ports and shipping industries are vulnerable to cyberattacks due to outdated systems and a lack of comprehensive cybersecurity frameworks to protect against increasingly sophisticated attacks targeting maritime operations worldwide.

Oniye said the weaknesses make the region’s ports and shipping routes attractive targets for cybercriminals, disrupting trade, causing economic losses and compromising national security.

“Many African ports use legacy systems that are not designed to withstand modern cyber threats. There is a general lack of awareness about cyber threats among maritime stakeholders, and maritime personnel often lack the necessary training to identify and respond to cyber threats, while existing maritime security policies do not adequately address cybersecurity,” he stated.

Oniye said that while the threat of maritime cyberattacks is growing, immediate action is required to protect Nigeria’s maritime infrastructure from these threats.

The Chairman, Nigerian Ports Consultative Council (NPCC), Bolaji Sunmola, said digital technologies are rapidly changing vessel traffic management, cargo handling inspections and regulatory processes.

He warned that the growing adoption of AI also exposes the sector to rising risks such as data breaches, operational disruptions and potential attacks on critical infrastructure.

Proactive policies
Experts have noted that the evolving cyber threats in the maritime sector – especially as automation expands and artificial intelligence becomes increasingly embedded in operations – require coordinated and proactive risk management to prevent disruptions that could cripple national trade and logistics.

This concern is heightened by the fact that much of Nigeria’s digital ecosystem is built by foreign IT firms, with critical data stored outside the country.

CyberOwl stated that despite these exorbitant cyber threat costs, most maritime organisations and governments significantly under-invest in cyber security management.

Marlink Cyber stated that the increasing complexity of these cyber threats reinforces the urgent need for stronger security postures and improved cyber hygiene.

Oniye said that by investing in modernising technology, increasing awareness, enhancing training, developing policies and promoting international collaboration, Nigeria can mitigate the risks and ensure the security of its maritime operations.

He, however, warned that the failure to implement robust cybersecurity measures in Nigerian ports could have far-reaching consequences.

Sunmola emphasised that Nigeria’s competitiveness and national security hinge on the sector’s ability to fortify its digital assets, preserve system integrity and equip its workforce with skills required to navigate the evolving cyber-threat landscape.

Giving its maritime cyber risk outlook for 2026, CYTUR’s white paper warns that the year will mark the era of “autonomous attacks,” where AI evolves beyond a supportive tool to independently executed operations.

The report stated that AI agents can now perform up to 90 per cent of the attack lifecycle, from vulnerability analysis to data exfiltration, without human intervention.

According to the report, this will enable low-skilled threat actors to launch nation-state-level sophisticated attacks at scale, leading to an explosive increase in attack frequency against maritime organisations.

“The cartelisation of politically motivated hacktivists and profit-driven ransomware organisations will deepen. These cartels will likely normalise double and triple extortion tactics and precisely target backup systems, focusing on high-value attacks with ransom demands averaging millions of dollars,” the report stated.

The report, however, noted that regulatory compliance will become a critical risk factor determining the survival of maritime enterprises in 2026.

The report further stated that, as blind spots for security vulnerabilities remain, international pressure and cyber sanctions to block these entities will intensify.