In 2024, the UK’s National Cyber Security Centre (NCSC), alongside nine international partners, issued a joint advisory to ports, logistics operators, and other organisations potentially involved in supporting Ukraine. The warning attributed a series of malicious cyber activities to a sub-unit of the GRU (Russian military intelligence).
According to the advisory, threat actors have been gaining access to victim networks to collect intelligence on the supply chains supporting Ukraine (what is being supplied and when), with the potential to use that knowledge to block that support in some way.
The methods used are not novel: credential guessing, spear phishing, and exploitation of MS Exchange permissions, each of which granted the GRU access to networks and systems.
Most of this is blockable.
Ensuring your systems are secure isn’t just prudent — it’s fundamental to running a resilient business. Strong cyber hygiene allows you to continue operating, trading, and serving customers even in uncertain and high-risk times.
Ports are especially exposed. By their nature, they must operate continuously, and as critical national infrastructure they are attractive targets for state-aligned actors. We have already seen the United States brief port operators on removing China-originated software from crane systems — a clear signal of how seriously these risks are being treated.
The expectations are equally clear. IT and operational technology (OT) systems must be fully patched wherever fixes are available. Where patches do not yet exist, compensating controls must be implemented — including strict network segregation, enhanced monitoring, and robust authentication methods such as hardware-based MFA or passkeys rather than SMS-based verification. Security updates should be applied promptly after release, not deferred.
Actors such as Russia’s military intelligence service, the GRU, have succeeded in gaining access precisely because they understand where organisational gaps tend to exist. Now that agencies including the National Security Agency (NSA) and the National Cyber Security Centre (NCSC) have spoken publicly about the threat, expectations have shifted. Organisations designated as critical infrastructure will not be afforded leniency if they fail to act.
The regulations are clear and are being toughened to cover not only port operators but also their service providers. The regulations are there for a reason, and these organisations have been warned.
