Maritime ports handle 80% of global trade and serve as critical nodes in NATO’s defence logistics network, yet they face unprecedented cybersecurity threats from state-linked actors. Recent intelligence shows a high frequency of cyber attacks affecting port facilities across Europe and the Mediterranean, with a significant proportion of these attacks traced back to threat actors originating from Russia, Iran, and China. This trend highlights the pressing need for coordinated policy and security responses. Our analysis reveals that nearly all surveyed countries have experienced cyber attacks within the past five years, with access control systems and vessel traffic management systems identified as the main reported risks.
The blurring of responsibilities between national and international, public and private entities particularly challenges current NATO civil-military coordination mechanisms, as most critical port infrastructure remains under civilian control while serving essential military logistics functions. The current NATO Alliance Maritime Strategy lacks formalised frameworks for engagement with commercial port operators, despite their critical role in maritime security and NATO logistics operations.
Information and communication technology (ICT) and operational technology (OT) underpin all land and sea-based maritime operations. Maritime port cybersecurity requires immediate policy intervention to establish sector-specific intelligence sharing networks, coordination mechanisms, and resilience standards. The recommendations outlined in this brief provide a framework for strengthening NATO’s maritime cyber defence while preserving the commercial efficiency that makes the ports economically vital. The cost of inaction far exceeds the investment required for comprehensive maritime cybersecurity.