Are Global Ports the New Frontline for Cyber Attacks?

Dominic Jainy stands at the forefront of the battle against digital threats, blending a deep understanding of emerging tech with infrastructure defense. In our conversation, he dissects the breach of the Adriatic Port Authority, an event serving as a loud wake-up call for the shipping world. We explore the inner workings of the Anubis group, the technical gaps in port security, and the high-stakes financial motivations behind double extortion schemes.

The attack on the Adriatic Port Authority began with a spear-phishing email targeting staff at the management company. How does a simple email escalate into a breach that compromises sensitive cloud environments like Office 365 and Azure?

It is a chilling reminder of how the smallest crack in the door can lead to a total collapse of the house. On December 11, 2025, a single staff member likely received an email that looked perfectly routine, yet it carried the seeds of a massive disruption. Once that initial access was secured, the attackers moved laterally through the network, bypassing the need to even touch operational technology. By focusing on IT weaknesses like insecure cloud accounts managing Office 365 and Azure, the threat actors were able to seize control of the very systems that coordinate the port’s daily life. It is terrifying to think that a few keystrokes from a compromised account can eventually lead to the rerouting of massive cargo vessels and the paralysis of a major maritime hub.

While the authority claimed only 2% of data was lost, reports suggest a much more harrowing scene with rerouted vessels and a staggering ransom demand. What makes the specific types of stolen data—like port safety plans—so dangerous in the hands of criminals?

The raw percentage of data lost, in this case roughly 2%, is often a deceptive metric because it does not account for the “quality” or sensitivity of that information. While the authority managed to preserve much through backups, the material that did reach the dark web—employee records, contracts, and safety plans—is absolute gold for organized crime. Having the blueprints for port security operations allows groups to facilitate smuggling or even recruit insiders by using personal details for leverage. When you combine that with a reported $10 million Bitcoin ransom demand, you realize these attackers are not just looking for a quick payout; they are trying to hold the entire logistical flow of a region hostage. The sight of ships being diverted from Ancona because the digital heartbeat of the port was flatlining shows that the physical world is now entirely at the mercy of the digital one.

Anubis has rapidly evolved into a sophisticated operation since its 2024 debut, utilizing a Ransomware-as-a-Service model. Can you explain how their profit-sharing structure incentivizes such high-stakes attacks across multiple industries?

The Anubis group has turned cybercrime into a highly efficient corporate machine since they launched their affiliate program in February 2025. By offering affiliates 80% of the take for deploying ransomware and 60% for data extortion, they have created an aggressive incentive structure that attracts the most capable hackers. They even offer a 50% cut to initial access brokers, which ensures a steady stream of new victims across sectors like healthcare, construction, and engineering. This model has already boasted earnings of more than $20 million, proving that the double extortion method is tragically effective. It turns the “business” of hacking into a scalable, global enterprise where the developers provide the tools and the affiliates provide the ruthlessness.

The investigation revealed that attackers often exploit unpatched flaws in internet-facing systems. What are the most critical technical gaps you see in maritime IT that allow groups to bypass security without even touching operational technology?

The maritime sector is currently struggling with a thin level of cyber maturity that leaves the door wide open for mass exploitation. We are seeing attackers repeatedly use known vulnerabilities, such as SonicWall VPNs that lack multi-factor authentication or the CitrixBleed 2 flaw. There is also the issue of unpatched systems like the SolarWinds Web Help Desk, where the CVE-2025-26399 vulnerability provides an easy entry point for anyone with the right toolkit. Ports are digitizing at a rapid pace, but their IT infrastructure is often outdated and unable to keep up with the evolving threat landscape. The reliance on Cisco SSL VPNs and other internet-facing systems means that if you are not rigorous about patching, you are essentially inviting groups like Anubis to walk right in.

What is your forecast for the maritime security landscape as ports continue to digitize?

I expect the pressure on maritime infrastructure to deepen significantly as we move toward 2030. As digitization widens the attack surface, the gap between the sophisticated tools used by RaaS groups and the outdated IT found in many ports will become a primary global risk. We will likely see more coordinated hits similar to what happened at Nagoya or with Maersk, where the goal isn’t just data theft, but the total leverage of global supply chains. Unless the sector moves toward a much higher level of cyber maturity—incorporating mandatory multi-factor authentication and real-time vulnerability management—the maritime industry will remain a prime target for high-value extortion.

Explore more

Visa Launches SDK to Expand Digital Payments Across Africa

A local street vendor in Accra or a tech-savvy freelancer in Dar es Salaam often finds that having a mobile wallet is not enough to participate in the lucrative global digital economy. While local transfers have flourished, the inability to access international marketplaces creates a glass ceiling for millions of ambitious African entrepreneurs and consumers. The launch of the Visa

Uzbekistan Rapidly Transforms Its Digital Financial Sector

A traveler walking through the bustling Chorsu Bazaar in Tashkent today would likely witness a scene that would have been unrecognizable only a few years ago: vendors who once strictly dealt in stacks of som notes now effortlessly accept instant QR code payments on their mobile devices. This micro-level shift at a local market stall reflects a macro-level upheaval within

How Remote Work and AI Are Eroding Entry-Level Hiring

The traditional expectation that a university degree serves as a guaranteed entry point into a stable professional trajectory has collided with a harsh new economic reality where early-career opportunities are rapidly evaporating. While the labor market has historically rewarded the vigor and potential of young graduates, a silent decoupling occurred that left the newest members of the workforce navigating a

Salesforce, NiCE, and Oracle Lead ISG 2026 CXM Rankings

The modern consumer’s loyalty now hinges on a singular, invisible thread that snaps the moment a customer is forced to repeat their grievance to a third representative who has no record of the previous conversation. In a marketplace defined by hyper-competition, these fragmented experiences are no longer merely inconvenient; they are financially catastrophic for the enterprise. As organizations struggle with

Has Hyper-Measurement Killed Creativity in B2B Marketing?

The digital dashboard promised a world of absolute certainty where every marketing dollar could be tracked with surgical precision, yet many B2B brands now find themselves invisible in a sea of data-driven sameness. While marketing departments once thrived on intuition and bold storytelling, the modern era has substituted that creative spark for a reliance on real-time analytics that often prioritizes