Skip to Main Content
हिंदी में
Emergence of Maritime Cybersecurity as a Key Concern in the Indian Ocean Region (IOR)
Introduction
There has been a growing focus among governments and policymakers, not only in India but also globally, on creating more awareness about the role of cybersecurity in the maritime sector. In an event in October 2025, the current Chief of Naval Staff of India, Admiral DK Tripathi, referred to cyber-attacks as ‘not merely on systems but rather on the arteries of the Indian economy’ and emphasised ‘cybersecurity as a critical concern for India’s maritime future’.[i] Thus, he stressed on the imperative to ‘integrate cybersecurity into all maritime systems from inception, strengthen coordination among stakeholders for rapid information sharing and thereby associate maritime sector as an independent Critical Information Infrastructure (CII)’.[ii]
Critical information infrastructure (CII) refers to computer systems, networks, and information assets whose disruption would have severe impacts on a nation’s security, economy, public health, or safety.[iii] Cybersecurity in the maritime sector is more reaction-oriented than action-oriented in tackling cyber-related threats. The digital architecture of ships is composed of information technology (IT), i.e., applications including fleet management software, crew emails, passenger records, management of cargo data, etc., and operational technology systems (OT) related to RADAR, navigation systems, and engine controls. The integration of OT and IT systems today means there is a greater convergence into the wider World Wide Web (WWW) Network, thereby providing hackers a wide array of areas to attack. Ships and ports today function as complex digital ecosystems, with numerous interdependent platforms and stakeholders.[iv] This complex ecosystem hosts, among others, many third-party vendors for maintaining logistics, software, and cargo management. The compromise of any one of them would lead to numerous repercussions involving delay in goods, port congestion, and leaving the port vulnerable. Most platforms today lack the necessary updates to meet cybersecurity requirements due to the existing disconnect between security readiness and technology adoption. While the primary motivation for cyber threat actors has been financial gain, the increasing involvement of non-state actors is concerning particularly regarding the storage of large amounts of data, including cargo travel records, crew information, financial records and intellectual property, such as trade secrets. These data can be easily accessed by these actors, which can then be used as leverage for financial gain. Manipulation of data, if done, could mean unauthorised release of information about the crew onboard, cargo, and shipping routes to facilitate smuggling activities. This paper thus discusses the emergence of cyber-related attacks in the Indian Ocean Region (IOR) and the trends associated with it. It also looks into India’s approach to maritime security and cooperation efforts in the region.
India’s Approach to Maritime Cybersecurity
India is an important regional player in the IOR. Besides, it is an anchor in facilitating the voices of a larger global south, of which many nations are also a part of the IOR. The growing integration of technology in the maritime sector is largely in pursuit of building sustainable shipping solutions and ensuring a stronger security paradigm. However, it presents a new challenge, as growing cybersecurity failures are a threat to the economy and undermine national security risks.[viii] India doesn’t have a strategy for cybersecurity in the maritime domain separately, unlike the United States National Maritime Cybersecurity Plan, 2020, or the United Kingdom’s National Strategy for Maritime Security, 2022.[ix]
There has, however, been a surge in domestic awareness and response to cyber-related attacks in its maritime domain. This has been exercised with leveraging indigenous technology, conducting cybersecurity workshops for training personnel, and facilitating public-private partnerships by institutions, including the Indian Navy and the Directorate General of Shipping. The National Maritime Domain Awareness project led by the Indian Navy and implemented by Bharat Electronics Ltd. (BEL) was approved by the government in 2022. It aimed to provide “actionable intelligence for tackling maritime threats” through an integrated intelligence grid responding to sea-based threats. Work is also ongoing to create a specific maritime CERT (Computer Emergency Response Team), i.e., ‘a specialised agency to handle cyber incidents, coordinate responses, and set security standards for India’s maritime sector’.[x]
Trends in Cyber-related Attacks in the IOR
There have been more than 50 cyber-related attacks on the Indian Ocean, as reported by data from the MCAD Maritime Cyber Attack Database developed by NHL Stenden in the Netherlands.[v] While there are more than 200 ports in the IOR, India alone has a 7,500 km coastline and harbours 12 major ports and 200 minor ones.[vi] Around 80 per cent of global oil trade and 70 per cent of world container traffic pass through IOR.[vii] Cyber-related attacks in the IOR today target the CII of each nation. This is attributed to a convergence of threats, meaning cyberattack incidents in the region have evolved and now include within themselves other challenges, such as piracy, armed robberies, unregulated fishing, illegal trafficking, and freedom of navigation. With the infusion of simple malware into the systems, the threat posed by cyber-related attacks in the region is not just limited to financial losses but a myriad of other issues.
In India in 2017, operations at one of the three terminals of Jawaharlal Nehru Port Trust (JNPT) were impacted due to a global ransomware attack.[xi] In 2021, All India Cargo Logistics was also a victim of a ransomware attack where hackers stole 2 terabytes of data and shut down email systems.[xii] In 2022, TVS Supply Chain Solutions, an Indian logistics company, was attacked by the Karakurt group, associated with Russia, disrupting their logistics services and thus the movement of goods across various supply chains.[xiii] The Cochin Shipyard, CSL, which builds indigenous aircraft carriers for the Indian Navy, experienced a website down in 2023.[xiv] Elsewhere in 2021, near the Bab-El-Mandeb Strait, a ransomware attack through a phishing email impacted the terminal operations of a container terminal, leading to $5 million in estimated losses, and dozens of vessels were rerouted, creating congestion.[xv]
In the Western Indian Ocean, a new pattern of cyber-related attacks has been prevalent, which sees the integration of cyber piracy into the existing domain of piracy. In 2020, a crude oil tanker was compromised as it experienced unexplained deviations on its ECDIS (Electronic Chart Display and Information System), which led to the vessel being steered off-course.[xvi] In 2022, numerous ships were seen to automatically report false Automatic Identification System (AIS) positions.[xvii] The impact of this was precarious, as their false AIS positions were reported to be around militarised zones, including areas under embargo or international surveillance, and subsequently emergency distress signals were sent to regional navies.[xviii] In the same year again, logistics systems in the port of Djibouti were attacked, where data were extracted on military shipments and commercial cargo.[xix]
Nearly 20 per cent of the global seafood catch, worth an estimated $10–23.5 billion per year, is lost to illegal, unreported, unregulated (IUU) fishing.[xx] In the same context, the IOR accounts for more than 10 per cent of the global fishing trade.[xxi] Today, satellite-based data are able to detect fishing activities, movement of vessels, and details of ownership.[xxii] With current mechanisms on cybersecurity in the maritime domain unregulated and unchecked in the IOR, stealing this data through hacking would mean hackers can increase the rate of IUU fishing. The increasing rate of cyberattacks by non-state actors in the maritime domain also carries a potential cyber espionage threat. These actors could use their access to key information and manipulation to create false narratives, trigger panic, and achieve geopolitical objectives. In addition, global trade, including supplies of machinery, automobiles, oil, and raw materials, remains under threat due to these attacks, impacting the global supply chain, as ships can now be rerouted, and cargoes could be stolen for other financial gain if the digital systems in ships are to be hijacked. Once systems are hijacked, hackers are also able to manufacture ‘ghost ships’ or make actual ships ‘undetected’. This leads to manipulating cargo data with control authorities, thereby providing the platform to carry out smuggling and illegal trafficking.[xxiii]
Cooperation Efforts on Maritime Cybersecurity in the IOR
Important multilateral frameworks and organisations within the IOR, like QUAD and the Colombo Security Conclave (CSC), have seen substantial discussions on cybersecurity in the maritime domain. In the CSC, the pillar of ‘Cybersecurity and Protection of Critical Infrastructure and Technology’ was launched in 2022 to tackle key cyber threats in digital forensics, increase cyber threat intelligence and defensive operations in the cyber domain.[xxiv] Immediately following this in 2022, India took a step when the Indian Coast Guard began mobilising efforts, conducting a two-day maiden Coastal Security Conference at Chennai with the participation of Coast Guards from the member nations of the CSC to address maritime cybersecurity issues.[xxv] The 2025 CSC held in New Delhi also saw greater emphasis on threats to CII; as naturally interconnected digital systems, these are exposed to more complex attacks.
The growing importance of cybersecurity at QUAD was seen at the 2024 Foreign Ministers Meeting, where systems, training and capacity building were stressed upon to build cybersecurity resilience in the maritime sector. Capacity-building projects like the Quad Cyber Bootcamp and Quad Cyber Challenge were launched to drive up interest in global cybersecurity professionals and pool greater public resources.[xxvii] Coordinated responses, including pooling resources, sharing best practices, and conducting joint cybersecurity drills, were reiterated to deter any form of cybercrime. It was also emphasised to create a robust cybersecurity framework and extend support to nations in the Indo-Pacific region to help them formulate their own cybersecurity capabilities.[xxviii] The leaders also stressed using the Indo-Pacific Partnership for Maritime Domain Awareness (IPMDA) to check on IUU fishing in case of cyber threats.[xxix]
Information sharing has been a key facet of tackling cybersecurity challenges, as well as contributing to larger Maritime Domain Awareness Initiatives (MDA), and Fusion Centres have played a key role in facilitating them. The Information Fusion Centre – Indian Ocean Region (IFC-IOR), started by India in 2018, has worked to forge common links with other maritime security centres.[xxx] The India, France, and Australia Trilateral have also conducted training for employees to use Indian Ocean Region Information Sharing – an EU-developed web-based communication and coordination system for information - exchange.[xxxi]
Besides, India has promoted agreements and talks on cybersecurity in the maritime domain with important partners in the region. The 1st Indo-Malaysia Security Dialogue in 2025 saw the two nations work to enhance cooperation in cybersecurity through the formation of a ‘joint focus group to address non-traditional maritime security threats’.[xxxii] The visit of Morocco’s Defence Minister to India also stressed building a comprehensive roadmap on maritime security and cyber defence, thereby building on multilateral cooperation and coordination along the Indian Ocean corridors.[xxxiii] Similar commitments to developing a joint assessment on maritime threats, including cybersecurity, were also made during the 7th India-France Maritime Cooperation Dialogue in January 2025.[xxxiv]
The Road ahead in Ensuring Cyber Resilience across the IOR
Cyber-attacks have rampaged the digital ecosystem of ports and ships around the world. Attacks happening in other parts of the world can also impact nations within the IOR. Many nations are involved in a supply chain process, and large attacks would impact the flow of trade between various points until its final destination. Maritime cybersecurity in the Indian Ocean is thus an emerging field, but one that can affect nations unequivocally. Most of the nations in the IOR, barring a few, are developing nations, and therefore, resource sharing becomes critical if a threat looms close.
The future of maritime cybersecurity for this region would thus depend on many factors. First, there is a need to acknowledge the threat it poses and its linkages to many other non-traditional security threats. It is evident that many nations in the region are victims of climate change, piracy, illegal smuggling, and transnational crimes. Cybersecurity carries with it the potential to unite all of them under a single umbrella. Secondly, in order to tackle these threats, these nations have to be unified as a whole. Each nation in the IOR has different security interests, and not many feel the need to discuss maritime cybersecurity issues; very few, indeed, address it as a concern.
The regional organisations, including Indian Ocean Rim Association (IORA) and IONS, lack the required capacity to deal with these issues. It is evident that strengthening maritime security would come through enhancing information sharing, promoting dialogue between maritime agencies, and building capacity through training and workshops. Complementing these practices with cybersecurity-related mechanisms could be of small yet critical value, ensuring a holistic cover to CIIs. India has also seen considerable progress in launching indigenous web platforms like e-Samudra (uniting all maritime services under one umbrella) and through Quantum Technology building mechanisms to safeguard its critical infrastructure. These are technologies that, if implemented well, could be shared across the region.
The IORA Stands as the Principal Regional Organisation in the Region. While ‘Maritime Security and Safety’ stands as one of IORA’s six priority areas, there has been no consensus among nation-states on a unified maritime security architecture and little discussion on tackling cybersecurity. As India takes on the chair of IORA for 2 years, it can initiate discussions on maritime cybersecurity capabilities and seek cooperation to boost cyber resilience across the region. Without the presence of a common maritime security architecture in the IOR, cyber-related attacks are today posing an even more difficult challenge. The trends of these attacks and international cooperation in the region show that future solutions can only be achieved collectively.
*****
*Zeeshan Ali, Research Intern, Indian Council of World Affairs, New Delhi
Disclaimer: Views expressed are personal.
References
[i] Navy chief flags rising cyber threats to India’s maritime sector, Hindustan Times, October 16, 2025, https://www.hindustantimes.com/india-news/navy-chief-flags-rising-cyber-threats-to-india-s-maritime-sector-101760620207947.html
[ii] Ibid.
[iii] National Critical Information Infrastructure Protection Centre https://nciipc.gov.in/
[iv] Ports functioning as complex digital ecosystems, Fernando Almeida, October 31, 2025, https://www.mdpi.com/2673-7116/3/4/34
[v] MCAD Maritime Cyber Attack Database, University of Applied Sciences, NHL Stenden, https://maritimecybersecurity.nl/incident/GqKo3Ylmx0
[vi] Sagarmanthan 2024: India’s Maritime Vision, Press Information Bureau, November 19, 2024
[vii] When the Indian Ocean Calls: A New Security Architecture for a Turbulent World. Northeast News, Pallab Bhattacharya, December 1, 2025, https://nenews.in/opinion/when-the-indian-ocean-calls-a-new-security-architecture-for-a-turbulent-world/37010/
[viii] Navy chief flags rising cyber threats to India’s maritime sector, Hindustan Times, October 16, 2025, https://www.hindustantimes.com/india-news/navy-chief-flags-rising-cyber-threats-to-india-s-maritime-sector-101760620207947.html
[ix] Securing Indian Ports: Cybersecurity Vulnerabilities and the Road Ahead, Anusha Guru, ORF Online, July 17, 2025, https://www.orfonline.org/expert-speak/securing-indian-ports-cybersecurity-vulnerabilities-and-the-road-ahead
[x] India’s Cybersecurity Ecosystem Scales New Heights: 400+ Startups and 6.5 Lakh Professionals Powering a $20 Billion Industry: Dr Sanjay Bahl, Director General, CERT-In & Controller of Certifying Authorities (CCA) in India, Press Information Bureau, Ministry of Electronics and IT, October 29, 2025, https://www.pib.gov.in/PressReleasePage.aspx?PRID=2183994®=3&lang=2
[xi] India’s largest container port, JNPT, hit by ransomware, June 28, 2017, https://timesofindia.indiatimes.com/india/indias-largest-container-port-jnpt-hit-by-ransomware/articleshow/59346704.cms
[xii] All Cargo Logistics (ECU Worldwide) hit by a ransomware attack in India, MCAD Maritime Cyber Attack Database, University of Applied Sciences, NHL Stenden, https://maritimecybersecurity.nl/incident/QNJ62pgzB0
[xiii] TVS Supply Chain Solutions hit by Karakurt, MCAD Maritime Cyber Attack Database, University of Applied Sciences, NHL Stenden, https://maritimecybersecurity.nl/incident/MyKmGGXmYW
[xiv] The website of India's Cochin shipbuilding and maintenance yard was hit by a DDoS attack from a hacktivist group, MCAD Maritime Cyber Attack Database, University of Applied Sciences, NHL Stenden, https://maritimecybersecurity.nl/incident/GqKo3Ylmx0
[xv] Maritime Cybercrimes in the Red Sea and the Indian Ocean: Case Studies https://www.linkedin.com/pulse/maritime-cybercrimes-red-sea-indian-ocean-case-studies-d-auzon-sgtre
[xvi] Ibid.
[xvii] Ibid.
[xviii] Ibid.
[xix] Ibid.
[xx] How data and tech can help combat illegal fishing, Alfredo Giron, World Economic Forum, May 20, 2022, https://www.weforum.org/stories/2022/05/how-can-data-and-tech-help-the-seafood-industry-to-combat-illegal-fishing/
[xxi] Casting Nets, Catching Success, India’s Fisheries on the Rise, Press Information Bureau, February 15, 2025
https://www.pib.gov.in/FactsheetDetails.aspx?Id=149135®=3&lang=2
[xxii] How data and tech can help combat illegal fishing, Alfredo Giron, World Economic Forum, May 20, 2022, https://www.weforum.org/stories/2022/05/how-can-data-and-tech-help-the-seafood-industry-to-combat-illegal-fishing/
[xxiii] Maritime Terrorism and Border Threats: Enhancing India, Marshall Anto I, Electronic Journal of Social and Strategic Studies, May 31, 2025, https://ejsss.net.in/print_article.php?did=15748
[xxiv] Joint Press Statement of the 5th NSA Level Meeting of the Colombo Security Conclave held on 09 – 10 March 2022, in Maldives, Ministry of External Affairs, March 10, 2022, https://www.mea.gov.in/press-releases.htm?dtl/34943/Joint_Press_Statement_of_the_5th_NSA_Level_Meeting_of_the_Colombo_Security_Conclave_held_on_09__10_March_2022_in_Maldives
[xxv] COASTAL SECURITY CONFERENCE (CoS) UNDER THE AEGIS OF COLOMBO SECURITY CONCLAVE (CSC) CONDUCTED BY INDIAN COAST GUARD ON 01-02 AT CHENNAI, Indian Coast Guard, https://indiancoastguard.gov.in/sites/default/files/202212030521267307931Press_release_COLOMBO_CSC_01_Dec_22.pdf
[xxvi] PM Modi declares 2026 as ASEAN-India Year of MaritimeCooperation, DD News, October 26, 2025, https://ddnews.gov.in/en/pm-modi-declares-2026-as-asean-india-year-of-maritime-cooperation/
[xxviii] Japan, U.S., Australia, and India Collaborate to Enhance Maritime and Cybersecurity in Asia-Pacific, Marc, Cybersec Asia, August 12, 2024, https://cybersec-asia.net/japan-u-s-australia-and-india-collaborate-to-enhance-maritime-and-cybersecurity-in-asia-pacific/
[xxix] Ibid.[xxx] Maritime Security: Memorandum of Understanding (MoU) between The Information Fusion Centre - Indian Ocean Region (IFC-IOR) and Regional Coordination Operations Centre (RCOC), Indian Navy, https://indiannavy.gov.in/node/35588
[xxxi] The Power of Three at Sea: India’s Trilateral Partnerships in Action. Saaz Lahiri, National Maritime Foundation, August 4, 2025, https://maritimeindia.org/the-power-of-three-at-sea-indias-trilateral-partnerships-in-action/
[xxxii] India-Malaysia joint focus group to tackle new maritime security threats, Business Standard, February 19, 2025, https://www.business-standard.com/external-affairs-defence-security/news/india-malaysia-joint-focus-group-to-tackle-new-maritime-security-threats-125021900975_1.html
[xxxiii] India and Morocco Sign MoU to Deepen Defence Cooperation, Ministry of Defence, Government of India, September 22, 2025, https://www.pib.gov.in/PressReleasePage.aspx?PRID=2169733®=3&lang=2
[xxxiv] India and France to jointly assess maritime threats in Indian Ocean Region, Shivani Sharma, India Today, January 21, 2025, https://www.indiatoday.in/india/story/india-and-france-to-jointly-assess-maritime-threats-in-indian-ocean-region-2667770-2025-01-21
