[...]
As cyber operations increasingly disrupt access control and vessel traffic systems, the lack of clear coordination between military and civilian stakeholders is becoming a strategic vulnerability. Despite the civilian ownership of most port infrastructure, these facilities play an essential role in NATO’s defence network, yet NATO’s current maritime strategy lacks formal frameworks for engagement with commercial port operators, despite their critical role in maritime security and NATO logistics operations.
In its policy brief titled ‘Addressing State-Linked Cyber Threats to Critical Maritime Port Infrastructure,’ NATO CCDCOE [Cooperative Cyber Defence Centre of Excellence] identified that maritime port facilities face a range of threats from state-sponsored advanced persistent threats (APTs), financially motivated cybercriminals, and politically driven hacktivists. These threats are remarkably consistent regardless of geographical location, and the tactics, techniques, and procedures (TTPs) are the same if not identical across Europe, the Americas, and the Asia Pacific regions.
[...]
As hybrid warfare tactics combine physical and cyber operations, the divide between civilian and military maritime security is increasingly blurred. This undermines NATO’s coordination mechanisms, especially since most strategic port assets remain in civilian hands.
[...]
Since Russia’s full-scale invasion of Ukraine in 2022, Moscow has intensified its use of hybrid tactics, including sabotage, disruption operations, and support for extremist groups, to weaken critical infrastructure and erode public trust in democratic systems. In May 2025, NATO and several European governments issued a joint cybersecurity advisory confirming that APT28 (Fancy Bear), linked to Russia’s GRU military intelligence agency, had launched widespread cyberattacks against Western logistics and tech firms spanning nearly every mode of transportation.
According to the Nordic Maritime Cyber Resilience Centre (NORMA Cyber), Fancy Bear has specifically targeted maritime operators, logistics companies, and air traffic control networks in at least 11 countries.
[...]
Threat groups such as Yellow Lideric (Imperial Kitten), APT35 (Charming Kitten), MuddyWater, and the IRGC-linked persona Cyber Aveng3rs have hit ports across Israel, Egypt, and the Eastern Mediterranean. Their targets have included Israel’s Ashdod and Haifa ports, the latter handling 88 percent of the country’s maritime traffic, as well as the BAZAN oil refinery and Egypt’s Port Said, each a critical link in global trade flows.
[...]
These incidents underscore a growing pattern of state-sponsored cyber operations aimed at disrupting critical infrastructure. Ports, in particular, present high-value targets, not only for their role in global trade but for their importance in military logistics. Cyberattacks on these systems can inflict serious financial damage while also undermining operational readiness.
[...]
“In January 2022, ransomware attacks unfolded over several days, targeting at least 17 major oil port terminals in Belgium, the Netherlands, and Germany. These attacks affected some of the largest ports in the region, such as Hamburg, Ghent, Antwerp-Zeebrugge, and Rotterdam. European prosecutors and cybersecurity officials investigating these attacks found that ransomware forced oil suppliers to reroute their products, disrupting operations.”
Further, it added that this could disrupt and delay military operations in the region. Investigations by the Antwerp public prosecutors’ office highlighted the complexity of attributing such cyberattacks.
According to Germany’s Federal Office for Information Security (BSI), the state-linked BlackCat ransomware group was responsible for these attacks. Meanwhile, the now-defunct state-linked Conti ransomware group was identified as responsible for the cyber attack on Ghent-based international terminal operator Sea-Invest.
[...]
In parallel, the brief urges the formation of international maritime cybersecurity working groups under the International Maritime Organization. These groups would unite port operators, shipping firms, government bodies, and cybersecurity specialists to develop consistent, maritime-specific security standards across the Alliance. Their focus would include creating actionable guidance for implementing existing cybersecurity frameworks, such as the NIST Framework and NIS2, tailored to the OT and IT complexities unique to port environments.
[...]
Oh well, you know NATO’s just a military alliance under the command of a fascist nation, so who gives a fuck.