Business Sectors
Events
Offshore Wind Webinar Week
22 Sep 2025
BST - ONLINEContents
Register to read more articles.
AI versus AI: keep humans in the loop
Artificial intelligence will become increasingly important in the constantly evolving cyber landscape, and trained seafarers will be key to preventing incursions becoming accidents
Artificial intelligence (AI) can help shipping companies improve their defences against cyber threats and attacks by improving their detection and providing insight on vulnerabilities. But cyber criminals and state-backed attackers are also using AI to improve their attacks and break down defences protecting maritime operational technology (OT).
Ship operators, owners and managers are facing escalating AI-driven cyber attacks targeting OT such as navigation equipment, ballast water management and engineroom controls, and are struggling to navigate ships when Global Navigation Satellite Systems are jammed or spoofed in areas of conflict. Solutions are needed, supported by AI and human intelligence.
An expert panel discussed how AI is being used by attackers and defenders during Riviera’s AI versus AI: defending maritime OT systems from AI-powered cyber attacks webinar, which was held on 1 July 2025 during Riveria’s
Seaspan Corp marine manager and chief security officer Tanvir Singh; ABS Consulting technical director for cyber security Ron Fabela; and International Association of Ports and Harbors (IAPH) vice chair of the Data Collaboration Committee and managing director of Marinnovators Consulting, Gadi Benmoshe.
explored how cyber criminals are leveraging AI and large language models to create sophisticated phishing campaigns that evade traditional detection methods, and provided insights into securing critical ship systems such as navigation, propulsion and cargo handling against these advanced threats.
Capt Singh explained how seafarers and shipboard systems are vulnerable to advanced attacks. “AI-driven threats are evolving, so maritime needs to develop defences,” he said. AI-assisted attacks include highly personalised phishing that urges seafarers or onshore staff into what looks like authorised actions, but these are fraudulent and must be reported.
“Having the human in the loop is important for cyber security”
Capt Singh said GPS spoofing is another form of cyber attack that is “causing navigational errors and accidents”.
Ship OT and communications systems are also vulnerable to cyber attacks, such as VSAT, engine and ballast water controls and ECDIS. “These are often working on older software that needs patching and upgrading,” said Capt Singh. “Do not underestimate the cyber risks.”
He offered real-world incidents of maritime cyber attacks that left ships at risk including recent GPS spoofing in the Black Sea, eastern Mediterranean and Strait of Hormuz. Memory sticks can be used to deliver malware into OT, with one ship suffering an engine management system shutdown through this type of incident. Another vector of attack came from fraudulent messages from a port control, which caused a ship to miss its berthing window and resulted in supply chain setbacks.
“AI-powered threats are actively influencing maritime,” said Capt Singh. "To counter these attacks, we need defence strategies, by leveraging AI to detect issues and flag deviations that demonstrate a cyber incursion is happening before it becomes an incident.”
He urges shipping companies to ensure OT is isolated from IT on ships to prevent the spread of malware and to “train seafarers to detect cyber issues.”
Mr Fabela agreed technology is advancing for both adversaries and defenders, but he emphasised the critical importance of humans in implementing cyber security and preventing attacks from breeching defences.
“AI has levelled the playing field and means anyone can get knowledge on anything in the world, but it does not give them experience,” he said. “Having the human in the loop is important for cyber security.”
AI can provide managers and seafarers with additional information faster to make more informed decisions, but humans provide context, intelligence and analysis to the data.
“Adversaries are adopting AI to access information, but defenders also have the ability by use AI to unlock new information, to grow knowledge and learn from an expanded information field to defend against these attacks,” said Mr Fabela. “AI is an accelerator to get information on regulations and local rules. Organisations do not have to start from scratch.”
He said AI can aid and test firewalls, detect intrusions, and be applied to training people. It is a “powerful defensive weapon” for companies and people to use against attacks. But it needs human input and interpretation.
“AI will know the what as it can get this off the internet and through machine learning, but it does not understand the how or the why,” said Mr Fabela. “Context is key, and it is what human operators bring. Humans have unique knowledge.”
He reminded webinar attendees AI is only as good as the information it is trained on and can be biased, so its information needs validation.
“AI is accelerating, and attackers are using it”
Mr Benmoshe provided insight into cyber threats, vulnerabilities and solutions from a ports perspective. He said IAPH published cyber resilience guidelines this year and emphasised how emerging technologies are impacting maritime.
These are quantum computing, AI, drones, internet of things (IoT), 5G connectivity, automation and green energy.
“AI is accelerating, and attackers are using it,” he said. “We must be aware of that in our organisations and access security risks and vulnerabilities by introducing emerging technologies.
Cyber security should be incorporated into technologies from the beginning to prevent issues in the future. Mr Benmoshe used the examples of GPS jamming and spoofing to demonstrate how a system designed without cyber risk knowledge has led to multiple incidents.
He said organisations need to conduct holistic cyber-security assessments when integrating technologies, such as in ports where more automation systems are being installed.
“Avoid misconceptions that non-IT systems do not require cyber-security assessments,” Mr Benmoshe said.
Webinar poll results
Attendees were asked to vote on a series of poll questions during the webinar. Here is a summary of the results.
When was the last time your organisation conducted a cyber security assessment of the OT infrastructure?
Less than 6 months ago: 56%
7-18 months ago: 20%
More than 18 months ago: 24%
Which system do you believe is most vulnerable to AI-enabled cyber attacks aboard ships?
Communication systems (email/VSAT): 67%
ECDIS and navigation systems: 22%
Propulsion and engine control: 7%
Ballast and cargo monitoring systems: 4%
How often is cyber awareness training conducted for crew and shore teams in your organisation?
Annually: 48%
Quarterly: 36%
Every 1-2 months: 8%
Never/Not yet implemented: 8%
What is the most important defence strategy for ships in 2025?
Segmentation of OT/IT networks: 35%
Continuous crew training and drills: 30%
Strong access control and vendor management: 25%
AI-based threat detection and automation: 5%
Blockchain-backed data integrity: 5%
(source: Riviera Maritime Media)
On the panel of Riviera’s AI versus AI: defending maritime OT systems from AI-powered cyber attacks webinar were (left to right): ABS Consulting technical director for cyber security Ron Fabela; International Association of Ports and Harbors (IAPH) vice chair of the Data Collaboration Committee, Gadi Benmoshe; and Seaspan Corp marine manager and chief security officer Tanvir Singh
Related to this Story
Events
Offshore Wind Webinar Week
22 Sep 2025BST - ONLINE
Maritime Decarbonisation, Europe: Conference, Awards & Exhibition 2025
30 Sep 2025Amsterdam
Offshore Support Journal Conference, Americas 2025
07 Oct 2025Rio de Janeiro
© 2024 Riviera Maritime Media Ltd.
