Splash247: AI’s dark side exposes shipping’s cyber readiness gap

Published by Splash247

Kris Vedat, CEO of SmartSea, writes for SplashTech today.

AI is promising enormous benefits for the maritime industry. However, as shipping embraces digitalisation, seafarers are not being trained at the same pace as the technology.

Today’s seafarers enter an industry which is more connected than ever before. Whilst this is hugely beneficial, cyber awareness and digital resilience remain largely absent from the mandatory training that underpins maritime safety. While we have seen requirement introduced for US-flagged vessels for seafarers to carry out cyber security training as part of their STCW training, we are still waiting to this to be implement as a global standard. Cyber security should be a mandatory element of STCW Basic Training. In addition, the cyber threat is now so serious that the IMO should formally table this issue as a priority for global maritime training standards.

The industry can no longer treat cyber resilience as an optional company-led initiative or a specialist IT function. As AI makes cyberattacks faster, more convincing and harder to detect, every seafarer needs a basic level of cyber awareness from the start of their career. At SmartSea, we are seeing a clear increase in phishing attempts and cyberattacks targeting maritime organisations.

That trend should concern everyone across the industry. As AI tools become more powerful and more widely available, cybercriminals are using them to make attacks faster and more convincing.

That is why maritime training needs to evolve. Across maritime and logistics, incidents affecting DP World Australia, the Port of Nagoya and DNV’s ShipManager platform have demonstrated how disruptive cyber incidents can be to operations. While these attacks were not necessarily driven by AI, the pathways already exist. AI is simply making cyberattacks faster, more scalable and significantly harder to stop.

For an industry built on trust, communication and time-critical decision-making, this presents a serious challenge. Every day, seafarers and shore personnel receive instructions, process documentation, respond to requests and interact with digital systems. A superintendent sends a message, an agent requests paperwork, a supplier changes banking details or a crew member receives a login prompt. Increasingly, AI can be used to make fraudulent communications appear legitimate, whether through convincing emails, cloned voices, manipulated videos or realistic digital identities.

The reality is that cyber resilience is no longer solely a technology issue, it is a people issue. Crews are often the first line of defence against suspicious activity. However, they can only do so if they have been trained to understand what to look for.

Introducing cyber awareness at the beginning of a seafarer’s career would help establish a consistent global baseline of digital competence across the industry. It would also reduce the significant variations that currently exist between companies, where cyber training often depends on individual budgets, priorities or levels of maturity.

Creating a more cyber-resilient industry will however require a higher level of collaboration. Shipowners and managers must continue investing in training and awareness programmes while technology providers must design systems that are secure and user-friendly. Regulators and industry bodies must also work together to ensure standards keep pace with technological change.

AI-assisted cyberattacks will continue to evolve and the maritime industry cannot rely solely on technology. Its strongest defence will always be a well-trained workforce capable of recognising threats, questioning suspicious activity and responding appropriately.

The shipping industry has continually adapted its training standards to reflect changing risks. As digital technologies become more embedded in vessel operations, cyber awareness should be considered part of that same evolution. Preparing seafarers for the future means giving them the skills to manage not only the physical demands of life at sea, but also the digital risks that now form part of modern maritime operations.