Navy chief flags rising cyber threats to India’s maritime sector

New Delhi: Navy chief admiral Dinesh K. Tripathi on Thursday highlighted the growing cyber vulnerabilities as India’s maritime domain rapidly transforms through digital technologies.

Speaking at a seminar — Impact of Cyber-attacks in Maritime Sector and Its Effects on National Security and International Relations — Tripathi said that with 12 major ports, over 200 non-major ports, and over 11,000 km of coastline with expanding blue economy projects, the implications of a cyber disruption could be enormous.

“The seas are our global commons. A cyber disruption at sea, or in any major port, therefore, does not remain confined to one nation’s boundaries. Its impact can ripple across supply chains, distort global markets, and even unsettle diplomatic equations,” Tripathi added.

Organised by the ministry of defence and ministry of ports, shipping and waterways, the seminar saw participation from cybersecurity experts, academicians, Indian Computer Emergency Response Team (CERT-In) officials, and Navy officers.

Minister of state for electronics and information technology Jitin Prasada, the chief guest at the seminar, said that India faced millions of cyberattacks during Operation Sindoor and that the four-day military standoff between India and Pakistan tested India’s resolve and capability.

“The synergy between our defence forces was flawless, and we neutralised threats with precision, protecting our interests with unwavering resolve. But what many did not see and don’t know still is the silent and parallel battle that was fought and won on the side,” Prasada said, referring to cyberwarfare against disinformation, misinformation, phishing, and other forms during Operation Sindoor.

The National Stock Exchange recorded its highest-ever cyberattacks in a single day during Operation Sindoor. According to PTI, the NSE faced 40 crore attacks in one day, compared to an average of about 17 crore daily.

Discussions throughout the day focused on who holds responsibility for the maritime sector’s cyber preparedness, given that oversight remains fragmented across multiple ministries and agencies. Participants pointed to persistent gaps in basic cyber hygiene and awareness, with people still using weak passwords and underestimating the human element in security.

The sector’s rapid digitalisation through smart ports, automation, and AI is expanding its vulnerability surface, even as its economic weight — contributing nearly 27% of India’s GDP and handling 95% of the country’s trade — makes cyber resilience critical, vice admiral Tarun Sobti said.

The seminar underlined the absence of a centralised framework or nodal agency to set cyber standards and coordinate across the maritime, naval, and offshore domains, recommending tighter inter-agency coordination or even a dedicated maritime cyber vertical.

CERT-In director general Sanjay Bahl said that work has been underway for nearly four to five years to establish a dedicated Maritime CERT, a specialised agency to handle cyber incidents, coordinate responses, and set security standards for India’s maritime sector. Bahl said that while the framework for this sector-specific CERT has already been developed, it has been awaiting finalisation and adoption by the maritime sector.

“I encourage that the Maritime CERT should be set up so that action can be taken immediately whenever there is an incident, and these incidents are only going to increase as more and more automation starts happening,” Bahl said. The administrative control of Maritime CERT will be with the sector, while the technical control will be with CERT-In.

Citing global incidents, Tripathi recalled the six-day Suez Canal blockage in 2021 that froze nearly $10 billion in trade every day, warning that “a similar disruption caused by a line of malicious code” could paralyse trade routes. He also referred to the 2023 cyberattack on DP World Australia, which halted nearly 40% of the country’s container trade, and the targeting of Iran’s shipping network by the Lab Dookhtegan group earlier this year.

The 2024 Maritime Cybersecurity Report, he said, recorded over 50 billion firewall events globally, 1,800 vessels targeted, and 178 ransomware incidents, each costing over half a million dollars on average. “In cyber terms, these are not merely attacks on systems. They are strikes on the very arteries of the global economy,” he added.