The U.S. Coast Guard Cyber Command released its fourth annual Cyber Trends and Insights in the Marine Environment (CTIME) report in May 2025.
This report catalogs the persistent cybersecurity risks faced by maritime owners and operators, as well as best practices to drive hardening actions and secure critical systems. The analysis and recommendations in this report are based on observations from operations, technical exchanges, and industry engagements conducted by Coast Guard Cyber Protection Teams (CPTs) and CGCYBER’s Maritime Cyber Readiness Branch in 2024.
With the report, the Coast Guard aims to provide it units, partners, and all stakeholders with key insights to identify and address current and emerging cyber threats.
The U.S. Coast Guard continues its commitment to securing critical systems in the Marine Transportation System (MTS) by collaborating with the maritime industry to share best practices and provide insights into evolving cyber risks. In the modern MTS, the interconnectedness of operational technology and information technology increases the risk of cyber attacks. CTIME expands on these recent findings derived from engagements with MTS partners throughout 2024, conducted by Coast Guard Cyber Protection Teams (CPTs) and the Maritime Cyber Readiness Branch.
“The adoption of new technologies continues to drive operational efficiencies while also creating new vulnerabilities and attack vectors. CGCYBER is committed to partnering with industry to address this evolving threat landscape and protect the Marine Transportation System in cyberspace,” said Rear Admiral Jason Tama, Commander, U.S. Coast Guard Cyber Command.
Four key takeaways from the report include:
- Supply chain risks and other observed vulnerabilities exist within ship-to-shore cranes manufactured in China.
- While every crane configuration and employment method varies, through its assessments, the Coast Guard has identified several best practices that should be applied to mitigate some of the most common vulnerabilities.
- Improved connectivity and the proliferation of networked technology create new cyber risks for vessels.
- With improvements in satellite networks and more networked technology, vessels are more integrated with their company’s enterprise networks than ever before. While there are significant operational benefits, this creates cybersecurity risks that did not exist before. Cyberattacks impacting a company’s enterprise network are now far more likely to impact shipboard Information Technology (IT) systems and potentially impact vessel operations.
- There was an uptick in cyber incidents and CPT missions involving cloud systems and services.
- Cloud services are now utilized by a majority of organizations in the MTS; however, there continues to be a misunderstanding of security responsibilities. A misconception that the cloud service provider owns all the security responsibilities persists, but companies using cloud computing still retain (at least) partial responsibility for security of their systems and data.
- Similar cybersecurity vulnerabilities were observed in previous CTIME reports, however the baseline cybersecurity posture has been improved across the Marine Transportation System.
- Widespread adoption of Multi-Factor Authentication and technical improvements against phishing have helped drive this change, but there is still much more work to do. Effective cybersecurity requires vigilance and continuous improvement.
The full report contains insights and recommendations valuable for all Coast Guard units and organizations ranging from large, cyber-mature organizations to small businesses looking to build out their own cybersecurity programs.
