AMM
Company Details
Linkedin ID:
maersk-group
Website:
Employees number:
82,857
Number of followers:
2,390,055
NAICS:
47
Industry Type:
Homepage:
maersk.com
IP Addresses:
232
Company ID:
A.P_1351900
Scan Status:
Completed
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
A.P. Moller - Maersk Vendor Cyber Rating & Cyber Score
maersk.comA.P. Moller - Maersk is an integrated transport and logistics company; going all the way, together, for our customers and society. ALL THE WAY is our commitment to connect the world so that everyone has both the possibility and the ability to trade, grow and thrive. The company employs roughly 110.000 employees across operations in 130 countries.
A.P. Moller - Maersk A.I CyberSecurity Scoring
AMM Risk Score (AI oriented)Between 750 and 799
AMM
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
AMM Global Score (TPRM)XXXX
AMM
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
AMM Company CyberSecurity News & History
Past Incidents
2
Attack Types
2
SolarWindsT-Mobile
Breach
Rankiteo Explanation
Attack threatening the organization’s existence
Description: In August 2021, T-Mobile experienced a significant cybersecurity breach, resulting in the theft of data from about 50 million existing and potential customers. The information compromised included customer addresses, drivers' licenses, and social security numbers. This breach was orchestrated by a 21-year-old who claimed to have accessed approximately 106GB of T-Mobile's data. The exposure of such sensitive personal information potentially puts millions of individuals at risk of identity theft and fraud, raising serious privacy and security concerns.
Maersk
Cyber Attack
Rankiteo Explanation
Attack threatening the organization’s existence
Description: In 2017, Maersk, the world’s largest shipping company, fell victim to the NotPetya cyberattack, a destructive malware campaign attributed to Russian military hackers. The attack originated from a compromised update in Ukrainian accounting software, rapidly spreading across Maersk’s global network. The incident forced the shutdown of 76 port terminals, disrupted over 45,000 PCs and 4,000 servers, and paralyzed critical operations, including cargo tracking, booking systems, and communication channels.The financial and operational impact was severe, with Maersk estimating losses between $250–$300 million due to halted shipments, delayed deliveries, and recovery efforts. The attack exposed deep vulnerabilities in the company’s IT infrastructure, particularly its reliance on interconnected systems without adequate segmentation. While Maersk managed to restore operations within weeks by reinstalling entire systems from backups, the incident highlighted the maritime sector’s susceptibility to state-sponsored cyber warfare and the cascading effects of a single breach on global trade.The attack also triggered industry-wide alarm, prompting Maersk and other shipping giants to invest heavily in cybersecurity upgrades, including network isolation, endpoint protection, and employee training to mitigate future threats.
AMM Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for AMM
Incidents vs Transportation, Logistics, Supply Chain and Storage Industry Average (This Year)
No incidents recorded for A.P. Moller - Maersk in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for A.P. Moller - Maersk in 2026.
Incident Types AMM vs Transportation, Logistics, Supply Chain and Storage Industry Avg (This Year)
No incidents recorded for A.P. Moller - Maersk in 2026.
Incident History — AMM (X = Date, Y = Severity)
AMM cyber incidents detection timeline including parent company and subsidiaries
AMM Company Subsidiaries
A.P. Moller - Maersk is an integrated transport and logistics company; going all the way, together, for our customers and society. ALL THE WAY is our commitment to connect the world so that everyone has both the possibility and the ability to trade, grow and thrive. The company employs roughly 110.000 employees across operations in 130 countries.
Loading...
AMM Similar Companies
CMA CGM
The CMA CGM Group is a global player in sea, land, air and logistics solutions, true to its corporate Purpose, "We imagine better ways to serve a world in motion". Present in 177 countries, it employs 160,000 people, of which nearly 6,000 in Marseilles where its head office is located. The world's
Walmart Distribution Center
Saving people money so they can live better is a big job. That’s why we have one of the largest private distribution networks in the world. Each of our 42 regional U.S. distribution centers is over 1 million square feet, with more than 12 miles of conveyor belts to move 5.5 billion cases of merchand
Poste Italiane
L'azienda opera in Italia e svolge un ruolo importante nel Paese, dando un forte contributo alla filiera produttiva e all'economia nazionale. Il Gruppo Poste Italiane rappresenta una realtà unica per dimensioni, riconoscibilità, capillarità e fiducia da parte della clientela, e fornisce un important
Ecom Express Limited
Ecom Express: Delivering Over 1.9 Billion Reasons to Trust Us Based in Gurugram, Ecom Express was established in 2012 by veterans backed by 100+ years of collective logistics expertise. We aren't just a logistics provider—we're your partner in bridging distances and making connections. Our network
Delhivery
Delhivery is India’s largest fully-integrated logistics services provider. With a nationwide network spanning over 18,850 pin codes, the company offers a comprehensive range of logistics solutions — including express parcel transportation, partial-truckload (PTL) and full-truckload (FTL) freight, cr
C.H. Robinson
C.H. Robinson is the global leader in Lean AI supply chains. For more than a century, companies everywhere have looked to us to reimagine how goods move. Now, as we redefine what’s next for the industry, that same drive fuels our commitment to Building Tomorrow’s Supply Chains, Today™. Trusted by 83
La Poste Groupe
Premier réseau commercial de proximité en France, le groupe La Poste est organisé en 4 branches d’activité : Services-Courrier-Colis, Banque et Assurance, Distributeur physique et numérique, GeoPost/DPDGroup pour l'international. Présent dans plus de 63 pays, sur 5 continents, il a réalisé un chiffr
DP World
Trade is the lifeblood of the global economy, creating opportunities and improving the quality of life for people around the world. DP World exists to make the world’s trade flow better, changing what’s possible for the customers and communities we serve globally. With a dedicated, diverse and p
DTDC Express Limited
DTDC Express Ltd is one of India’s leading integrated express logistics company offering domestic and international services. DTDC offers a comprehensive range of technology-enabled logistics services, serving a wide spectrum of customers across diverse industry verticals. Today, DTDC operates India
.png)
AMM CyberSecurity News
November 28, 2025 08:00 AM
Cybersecurity in European Shipping: Key Lessons from Maersk’s Cyber Attack
The European shipping industry, a backbone of global trade, faces increasing threats from cyberattacks. In recent years, the Maersk cyber...
October 03, 2025 07:00 AM
IT Brew Movie Club: 'Hackers' (1995)
Hackers rollerbladed into theaters almost exactly 30 years ago. The 1995 movie features young, fashionable, rebellious techies (Jonny Lee...
June 10, 2025 07:00 AM
Cybersecurity jobs available right now: June 10, 2025
Here are the worldwide cybersecurity job openings available as of June 10, 2025, including on-site, hybrid, and remote roles.
June 05, 2025 07:00 AM
#Infosec2025: Cybersecurity Lessons From Maersk’s Former CISO
2017 ransomware attack on shipping company A P Moller Maersk marked a turning point for the cybersecurity industry, according to its former...
April 01, 2025 07:00 AM
Securing the Supply Chain: Cyber Security's Importance in Logistics
Explore why cybersecurity is vital in logistics, how it protects supply chains from evolving digital threats, and advanced security measures...
February 07, 2025 08:00 AM
Cybersecurity 2025 | How businesses can shore up their supply chains in the era of cyber threats
When it comes to cyber safety, you're only as strong as your weakest link. Hear from @Andy Powell, CISO @A.P. Moller - Maersk on why...
January 27, 2025 08:00 AM
5 cybersecurity priorities that demand your attention
Cyberthreats are no longer exceptional events but a normal part of doing business. In 2024 alone, hackers disrupted political campaigns,...
September 16, 2024 07:00 AM
From NotPetya to Today’s Global Conflict Landscape: Cyberpolitical Risk Emerges as a Critical Challenge to Business & Society
In the 19th century, Prussian general Carl von Clausewitz famously stated that war is politics by other means. Nearly two hundred years...
March 11, 2024 07:00 AM
Maritime cybersecurity: threats and challenges
Cybersecurity specialists have presented an update on the marine cybersecurity landscape, including threats, mistakes shipping companies.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
AMM CyberSecurity History Information
Official Website of A.P. Moller - Maersk
The official website of A.P. Moller - Maersk is http://www.maersk.com.
A.P. Moller - Maersk’s AI-Generated Cybersecurity Score
According to Rankiteo, A.P. Moller - Maersk’s AI-generated cybersecurity score is 787, reflecting their Fair security posture.
How many security badges does A.P. Moller - Maersk’ have ?
According to Rankiteo, A.P. Moller - Maersk currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has A.P. Moller - Maersk been affected by any supply chain cyber incidents ?
According to Rankiteo, A.P. Moller - Maersk has been affected by a supply chain cyber incident involving SolarWinds, with the incident ID T-M416050724.
Does A.P. Moller - Maersk have SOC 2 Type 1 certification ?
According to Rankiteo, A.P. Moller - Maersk is not certified under SOC 2 Type 1.
Does A.P. Moller - Maersk have SOC 2 Type 2 certification ?
According to Rankiteo, A.P. Moller - Maersk does not hold a SOC 2 Type 2 certification.
Does A.P. Moller - Maersk comply with GDPR ?
According to Rankiteo, A.P. Moller - Maersk is not listed as GDPR compliant.
Does A.P. Moller - Maersk have PCI DSS certification ?
According to Rankiteo, A.P. Moller - Maersk does not currently maintain PCI DSS compliance.
Does A.P. Moller - Maersk comply with HIPAA ?
According to Rankiteo, A.P. Moller - Maersk is not compliant with HIPAA regulations.
Does A.P. Moller - Maersk have ISO 27001 certification ?
According to Rankiteo,A.P. Moller - Maersk is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of A.P. Moller - Maersk
A.P. Moller - Maersk operates primarily in the Transportation, Logistics, Supply Chain and Storage industry.
Number of Employees at A.P. Moller - Maersk
A.P. Moller - Maersk employs approximately 82,857 people worldwide.
Subsidiaries Owned by A.P. Moller - Maersk
A.P. Moller - Maersk presently has no subsidiaries across any sectors.
A.P. Moller - Maersk’s LinkedIn Followers
A.P. Moller - Maersk’s official LinkedIn profile has approximately 2,390,055 followers.
NAICS Classification of A.P. Moller - Maersk
A.P. Moller - Maersk is classified under the NAICS code 47, which corresponds to Transportation and Warehousing.
A.P. Moller - Maersk’s Presence on Crunchbase
No, A.P. Moller - Maersk does not have a profile on Crunchbase.
A.P. Moller - Maersk’s Presence on LinkedIn
Yes, A.P. Moller - Maersk maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/maersk-group.
Cybersecurity Incidents Involving A.P. Moller - Maersk
As of April 02, 2026, Rankiteo reports that A.P. Moller - Maersk has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
A.P. Moller - Maersk has an estimated 6,532 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at A.P. Moller - Maersk ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach and Cyber Attack.
What was the total financial impact of these incidents on A.P. Moller - Maersk ?
Total Financial Loss: The total financial loss from these incidents is estimated to be $300 million.
How does A.P. Moller - Maersk detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an incident response plan activated with maersk (notpetya: global it recovery), incident response plan activated with port of rijeka (unspecified), incident response plan activated with u.s. coast guard mandates (2025 rule), and third party assistance with cybersecurity firms (e.g., maersk’s recovery), third party assistance with government agencies (e.g., nato ccdcoe warnings), and law enforcement notified with maersk (notpetya attributed to russian military), law enforcement notified with potential notifications for port of rijeka/marinemax, and containment measures with isolation of infected systems (maersk), containment measures with manual overrides (ot failures), containment measures with gnss backup systems (jamming mitigation), and remediation measures with system rebuilds (maersk: 45,000 pcs/4,000 servers), remediation measures with software patching (outdated systems), remediation measures with supply chain audits (third-party risks), and recovery measures with maersk: 10-day global recovery (notpetya), recovery measures with port of rijeka: data restoration (8base), recovery measures with iranian tankers: communications reestablishment, and communication strategy with public disclosures (maersk, marinemax), communication strategy with stakeholder advisories (imo/nis2 compliance), communication strategy with customer notifications (data breaches), and network segmentation with recommended (e.g., imo guidelines), and enhanced monitoring with marlink’s threat tracking (1,800 vessels, 2024), enhanced monitoring with ai-driven anomaly detection (emerging)..
Incident Details
Can you provide details on each incident ?
Title: T-Mobile Data Breach
Description: In August 2021, T-Mobile experienced a significant cybersecurity breach, resulting in the theft of data from about 50 million existing and potential customers. The information compromised included customer addresses, drivers' licenses, and social security numbers. This breach was orchestrated by a 21-year-old who claimed to have accessed approximately 106GB of T-Mobile's data. The exposure of such sensitive personal information potentially puts millions of individuals at risk of identity theft and fraud, raising serious privacy and security concerns.
Date Detected: August 2021
Type: Data Breach
Threat Actor: 21-year-old individual
Title: Maritime Cybersecurity Threats and Incidents (2017–2024)
Description: The maritime sector, including ships, ports, and terminals, faces escalating cyber threats due to modernization, geopolitical tensions, and the adoption of AI. Incidents range from ransomware attacks (e.g., Maersk's NotPetya in 2017) to GNSS jamming/spoofing and AI-powered attacks. Vulnerabilities stem from outdated systems, supply chain risks, lack of in-house expertise (only 17% of shipyards have cybersecurity capabilities), and fragmented cybersecurity governance across public/private actors. High-profile cases include the MV Dali power loss (2024, no confirmed cyberattack but raised concerns), the Port of Rijeka ransomware attack by 8Base, and Lab-Dookhtegan’s disruption of 60+ Iranian oil tankers. Regulatory responses include the U.S. Coast Guard’s 2025 rule, EU’s NIS2 Directive, and IMO’s updated ISM Code guidelines.
Type: Ransomware
Attack Vector: Compromised Software Updates (NotPetya via Ukrainian accounting software)Phishing/Social EngineeringOutdated/Poorly Maintained SystemsThird-Party Vendor VulnerabilitiesGNSS Jamming/Spoofing (Russia, Iran, China)AI-Assisted Exploits (e.g., subverting AI assistants)Manual Override of Digital Systems (human error)
Vulnerability Exploited: Lack of In-House Cybersecurity Expertise (17% of shipyards)Fragmented Cybersecurity Governance (no common procedures)Limited Supply Chain Visibility (beyond first-tier vendors)Outdated Software (e.g., Iranian oil tankers)Poorly Secured OT Systems (e.g., MV Dali electrical blackout)Absence of Standardized Risk AssessmentsInsufficient Workforce Training (phishing/social engineering)
Threat Actor: Name: Russian Military (NotPetya), Type: State-Sponsored, Motivation: Geopolitical Disruption, Name: 8Base Ransomware Group, Type: Financially Motivated, Motivation: Extortion, Name: Lab-Dookhtegan, Type: Hacktivist/State-Aligned, Motivation: Disruption (targeted Iranian maritime sector), Name: Unspecified State Actors (Russia, Iran, China), Type: State-Sponsored, Motivation: GNSS Jamming/Spoofing for Strategic Advantage, Name: Financially Motivated Hackers, Type: Cybercriminal, Motivation: Ransomware/Data Theft.
Motivation: Financial Gain (Ransomware)Geopolitical Disruption (State Actors)Espionage (Strategic Maritime Data)Hacktivism (e.g., Lab-Dookhtegan)Operational Sabotage (e.g., GNSS Interference)
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Compromised Software Update (NotPetya via Ukrainian accounting software)Phishing/Social Engineering (MarineMax and Port of Rijeka)Outdated Software (Iranian Tankers)Third-Party Vendor Vulnerabilities (Supply Chain).
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach T-M416050724
Data Compromised: Customer addresses, Drivers' licenses, Social security numbers
Identity Theft Risk: High
Incident : Ransomware MAE508082925
Financial Loss: Maersk: $300M (NotPetya, 2017)Unspecified losses for MarineMax, Port of Rijeka, and other targets
Data Compromised: Financial records (maersk, marinemax, port of rijeka), Employee/customer data (marinemax), Shipping routes/cargo data (ports), Personal data (port of rijeka: invoices, contracts, accounting records), Navigation/logistics data (gnss spoofing)
Systems Affected: 76 Port Terminals (Maersk, 2017)45,000+ PCs and 4,000 Servers (Maersk)Accounting Systems (MarineMax)Communications (60+ Iranian Oil Tankers)GNSS Navigation (Jamming/Spoofing)OT Systems (MV Dali power loss)
Downtime: ['Maersk: Weeks (NotPetya)', 'Port of Rijeka: Unspecified (8Base Attack)', 'Iranian Tankers: Communications Disabled (Lab-Dookhtegan)']
Operational Impact: Collapse of Francis Scott Key Bridge (MV Dali, indirect)Disruption of 80% Global Trade (Port Targeting)Manual Overrides Required (Digital System Failures)Supply Chain Delays (Ransomware/OT Attacks)
Revenue Loss: ['Maersk: $300M (2017)', 'Potential losses for Port of Rijeka, MarineMax, and other entities']
Customer Complaints: ['Likely for MarineMax (data breach)', 'Potential for Maersk/Port of Rijeka (service disruptions)']
Brand Reputation Impact: Maersk (NotPetya)MarineMax (Customer/Employee Data Exposure)Port of Rijeka (Confidential Data Theft)
Legal Liabilities: Potential GDPR Violations (EU Ports)U.S. Coast Guard Reporting Requirements (2025 Rule)IMO ISM Code Non-Compliance Risks
Identity Theft Risk: ['Employee/Customer Data (MarineMax, Port of Rijeka)']
Payment Information Risk: ['Financial Records (Maersk, MarineMax, Port of Rijeka)']
What is the average financial loss per incident ?
Average Financial Loss: The average financial loss per incident is $150.00 million.
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Customer Addresses, Drivers' Licenses, Social Security Numbers, , Financial Records, Employee Data, Customer Data, Shipping Routes/Cargo Data, Personal Data (Contracts, Invoices), Accounting Records and .
Which entities were affected by each incident ?
Incident : Data Breach T-M416050724
Entity Name: T-Mobile
Entity Type: Telecommunications Company
Industry: Telecommunications
Customers Affected: 50 million
Incident : Ransomware MAE508082925
Entity Name: Maersk
Entity Type: Shipping Company
Industry: Maritime/Logistics
Location: Global (HQ: Denmark)
Size: Large (World’s largest shipping company)
Customers Affected: Global supply chain partners
Incident : Ransomware MAE508082925
Entity Name: Port of Rijeka
Entity Type: Port Authority
Industry: Maritime/Logistics
Location: Croatia
Size: Medium
Incident : Ransomware MAE508082925
Entity Name: MarineMax
Entity Type: Boat Retailer
Industry: Maritime/Retail
Location: USA
Size: Large
Customers Affected: Yes (financial/employee/customer data)
Incident : Ransomware MAE508082925
Entity Name: Iranian Oil Tankers (60+ vessels)
Entity Type: Shipping Fleet
Industry: Oil/Gas Maritime
Location: Iran/Global
Size: Large
Incident : Ransomware MAE508082925
Entity Name: MV Dali
Entity Type: Cargo Ship
Industry: Maritime
Location: Baltimore, USA (incident location)
Size: Medium
Incident : Ransomware MAE508082925
Entity Name: Francis Scott Key Bridge
Entity Type: Infrastructure
Industry: Transportation
Location: Baltimore, USA
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Ransomware MAE508082925
Incident Response Plan Activated: ['Maersk (NotPetya: Global IT Recovery)', 'Port of Rijeka (Unspecified)', 'U.S. Coast Guard Mandates (2025 Rule)']
Third Party Assistance: Cybersecurity Firms (E.G., Maersk’S Recovery), Government Agencies (E.G., Nato Ccdcoe Warnings).
Law Enforcement Notified: Maersk (NotPetya attributed to Russian military), Potential notifications for Port of Rijeka/MarineMax,
Containment Measures: Isolation of Infected Systems (Maersk)Manual Overrides (OT Failures)GNSS Backup Systems (Jamming Mitigation)
Remediation Measures: System Rebuilds (Maersk: 45,000 PCs/4,000 servers)Software Patching (Outdated Systems)Supply Chain Audits (Third-Party Risks)
Recovery Measures: Maersk: 10-Day Global Recovery (NotPetya)Port of Rijeka: Data Restoration (8Base)Iranian Tankers: Communications Reestablishment
Communication Strategy: Public Disclosures (Maersk, MarineMax)Stakeholder Advisories (IMO/NIS2 Compliance)Customer Notifications (Data Breaches)
Network Segmentation: ['Recommended (e.g., IMO Guidelines)']
Enhanced Monitoring: Marlink’s Threat Tracking (1,800 vessels, 2024)AI-Driven Anomaly Detection (Emerging)
What is the company's incident response plan?
Incident Response Plan: The company's incident response plan is described as Maersk (NotPetya: Global IT Recovery), Port of Rijeka (Unspecified), U.S. Coast Guard Mandates (2025 Rule), .
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Cybersecurity Firms (e.g., Maersk’s recovery), Government Agencies (e.g., NATO CCDCOE warnings), .
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach T-M416050724
Type of Data Compromised: Customer addresses, Drivers' licenses, Social security numbers
Number of Records Exposed: 50 million
Sensitivity of Data: High
Data Exfiltration: 106GB
Personally Identifiable Information: Yes
Incident : Ransomware MAE508082925
Type of Data Compromised: Financial records, Employee data, Customer data, Shipping routes/cargo data, Personal data (contracts, invoices), Accounting records
Sensitivity of Data: High (financial, PII, operational)
Data Exfiltration: Port of Rijeka (8Base claimed theft)MarineMax (online exposure)Potential in NotPetya (Maersk)
Data Encryption: ['Ransomware Encryption (NotPetya, 8Base)']
File Types Exposed: InvoicesReceiptsEmployment ContractsAccounting RecordsNavigation Logs (GNSS Data)
Personally Identifiable Information: Employee/Customer Data (MarineMax, Port of Rijeka)
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: System Rebuilds (Maersk: 45,000 PCs/4,000 servers), Software Patching (Outdated Systems), Supply Chain Audits (Third-Party Risks), .
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by isolation of infected systems (maersk), manual overrides (ot failures), gnss backup systems (jamming mitigation) and .
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Ransomware MAE508082925
Ransom Demanded: ['8Base (Port of Rijeka: unspecified)', 'NotPetya (Maersk: no ransom demanded, wiper malware)']
Ransom Paid: Maersk: None (NotPetya was wiper malware)Port of Rijeka: Unspecified
Ransomware Strain: NotPetya (2017)8Base (2024)
Data Encryption: ['NotPetya (Maersk)', '8Base (Port of Rijeka)']
Data Exfiltration: ['8Base (Port of Rijeka: claimed theft)']
How does the company recover data encrypted by ransomware ?
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through Maersk: 10-Day Global Recovery (NotPetya), Port of Rijeka: Data Restoration (8Base), Iranian Tankers: Communications Reestablishment, .
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Ransomware MAE508082925
Regulations Violated: Potential GDPR (EU Ports/Data Breaches), IMO ISM Code (Cybersecurity Integration), U.S. Coast Guard 2025 Rule (Incident Reporting),
Regulatory Notifications: Mandatory under NIS2 (EU)U.S. Coast Guard National Response Center (2025 Rule)IMO MSC.428(98) Reporting
Lessons Learned and Recommendations
What lessons were learned from each incident ?
Incident : Ransomware MAE508082925
Lessons Learned: Fragmented cybersecurity governance increases risk; standardized procedures are critical., Supply chain visibility must extend beyond first-tier vendors to mitigate third-party risks., OT systems (e.g., ship navigation) require air-gapping/segmentation to prevent cascading failures., Workforce training is essential to counter phishing/social engineering (human error = top risk)., AI-powered attacks demand continuous threat monitoring and adaptive defenses., GNSS jamming/spoofing highlights the need for redundant navigation systems., Regulatory compliance (NIS2, IMO, U.S. Coast Guard) is evolving; proactive adaptation is necessary.
What recommendations were made to prevent future incidents ?
Incident : Ransomware MAE508082925
Recommendations: Implement **network segmentation** to isolate OT/IT systems (e.g., ship navigation vs. accounting)., Conduct **continuous risk assessments** for AI-driven and supply chain threats., Establish **cross-sector collaboration** (public/private info-sharing on threats)., Mandate **cybersecurity training** for all staff, including manual override procedures., Adopt **IMO ISM Code updates** and align with NIS2/U.S. Coast Guard requirements., Deploy **GNSS backup systems** (e.g., inertial navigation) to counter jamming/spoofing., Invest in **third-party vendor audits** to map supply chain risks beyond Tier 1., Develop **incident response playbooks** for ransomware, OT failures, and data breaches., Leverage **AI for threat detection** while securing AI systems against adversarial attacks., Appoint **dedicated Cybersecurity Officers** (per U.S. Coast Guard 2025 rule).Implement **network segmentation** to isolate OT/IT systems (e.g., ship navigation vs. accounting)., Conduct **continuous risk assessments** for AI-driven and supply chain threats., Establish **cross-sector collaboration** (public/private info-sharing on threats)., Mandate **cybersecurity training** for all staff, including manual override procedures., Adopt **IMO ISM Code updates** and align with NIS2/U.S. Coast Guard requirements., Deploy **GNSS backup systems** (e.g., inertial navigation) to counter jamming/spoofing., Invest in **third-party vendor audits** to map supply chain risks beyond Tier 1., Develop **incident response playbooks** for ransomware, OT failures, and data breaches., Leverage **AI for threat detection** while securing AI systems against adversarial attacks., Appoint **dedicated Cybersecurity Officers** (per U.S. Coast Guard 2025 rule).Implement **network segmentation** to isolate OT/IT systems (e.g., ship navigation vs. accounting)., Conduct **continuous risk assessments** for AI-driven and supply chain threats., Establish **cross-sector collaboration** (public/private info-sharing on threats)., Mandate **cybersecurity training** for all staff, including manual override procedures., Adopt **IMO ISM Code updates** and align with NIS2/U.S. Coast Guard requirements., Deploy **GNSS backup systems** (e.g., inertial navigation) to counter jamming/spoofing., Invest in **third-party vendor audits** to map supply chain risks beyond Tier 1., Develop **incident response playbooks** for ransomware, OT failures, and data breaches., Leverage **AI for threat detection** while securing AI systems against adversarial attacks., Appoint **dedicated Cybersecurity Officers** (per U.S. Coast Guard 2025 rule).Implement **network segmentation** to isolate OT/IT systems (e.g., ship navigation vs. accounting)., Conduct **continuous risk assessments** for AI-driven and supply chain threats., Establish **cross-sector collaboration** (public/private info-sharing on threats)., Mandate **cybersecurity training** for all staff, including manual override procedures., Adopt **IMO ISM Code updates** and align with NIS2/U.S. Coast Guard requirements., Deploy **GNSS backup systems** (e.g., inertial navigation) to counter jamming/spoofing., Invest in **third-party vendor audits** to map supply chain risks beyond Tier 1., Develop **incident response playbooks** for ransomware, OT failures, and data breaches., Leverage **AI for threat detection** while securing AI systems against adversarial attacks., Appoint **dedicated Cybersecurity Officers** (per U.S. Coast Guard 2025 rule).Implement **network segmentation** to isolate OT/IT systems (e.g., ship navigation vs. accounting)., Conduct **continuous risk assessments** for AI-driven and supply chain threats., Establish **cross-sector collaboration** (public/private info-sharing on threats)., Mandate **cybersecurity training** for all staff, including manual override procedures., Adopt **IMO ISM Code updates** and align with NIS2/U.S. Coast Guard requirements., Deploy **GNSS backup systems** (e.g., inertial navigation) to counter jamming/spoofing., Invest in **third-party vendor audits** to map supply chain risks beyond Tier 1., Develop **incident response playbooks** for ransomware, OT failures, and data breaches., Leverage **AI for threat detection** while securing AI systems against adversarial attacks., Appoint **dedicated Cybersecurity Officers** (per U.S. Coast Guard 2025 rule).Implement **network segmentation** to isolate OT/IT systems (e.g., ship navigation vs. accounting)., Conduct **continuous risk assessments** for AI-driven and supply chain threats., Establish **cross-sector collaboration** (public/private info-sharing on threats)., Mandate **cybersecurity training** for all staff, including manual override procedures., Adopt **IMO ISM Code updates** and align with NIS2/U.S. Coast Guard requirements., Deploy **GNSS backup systems** (e.g., inertial navigation) to counter jamming/spoofing., Invest in **third-party vendor audits** to map supply chain risks beyond Tier 1., Develop **incident response playbooks** for ransomware, OT failures, and data breaches., Leverage **AI for threat detection** while securing AI systems against adversarial attacks., Appoint **dedicated Cybersecurity Officers** (per U.S. Coast Guard 2025 rule).Implement **network segmentation** to isolate OT/IT systems (e.g., ship navigation vs. accounting)., Conduct **continuous risk assessments** for AI-driven and supply chain threats., Establish **cross-sector collaboration** (public/private info-sharing on threats)., Mandate **cybersecurity training** for all staff, including manual override procedures., Adopt **IMO ISM Code updates** and align with NIS2/U.S. Coast Guard requirements., Deploy **GNSS backup systems** (e.g., inertial navigation) to counter jamming/spoofing., Invest in **third-party vendor audits** to map supply chain risks beyond Tier 1., Develop **incident response playbooks** for ransomware, OT failures, and data breaches., Leverage **AI for threat detection** while securing AI systems against adversarial attacks., Appoint **dedicated Cybersecurity Officers** (per U.S. Coast Guard 2025 rule).Implement **network segmentation** to isolate OT/IT systems (e.g., ship navigation vs. accounting)., Conduct **continuous risk assessments** for AI-driven and supply chain threats., Establish **cross-sector collaboration** (public/private info-sharing on threats)., Mandate **cybersecurity training** for all staff, including manual override procedures., Adopt **IMO ISM Code updates** and align with NIS2/U.S. Coast Guard requirements., Deploy **GNSS backup systems** (e.g., inertial navigation) to counter jamming/spoofing., Invest in **third-party vendor audits** to map supply chain risks beyond Tier 1., Develop **incident response playbooks** for ransomware, OT failures, and data breaches., Leverage **AI for threat detection** while securing AI systems against adversarial attacks., Appoint **dedicated Cybersecurity Officers** (per U.S. Coast Guard 2025 rule).Implement **network segmentation** to isolate OT/IT systems (e.g., ship navigation vs. accounting)., Conduct **continuous risk assessments** for AI-driven and supply chain threats., Establish **cross-sector collaboration** (public/private info-sharing on threats)., Mandate **cybersecurity training** for all staff, including manual override procedures., Adopt **IMO ISM Code updates** and align with NIS2/U.S. Coast Guard requirements., Deploy **GNSS backup systems** (e.g., inertial navigation) to counter jamming/spoofing., Invest in **third-party vendor audits** to map supply chain risks beyond Tier 1., Develop **incident response playbooks** for ransomware, OT failures, and data breaches., Leverage **AI for threat detection** while securing AI systems against adversarial attacks., Appoint **dedicated Cybersecurity Officers** (per U.S. Coast Guard 2025 rule).Implement **network segmentation** to isolate OT/IT systems (e.g., ship navigation vs. accounting)., Conduct **continuous risk assessments** for AI-driven and supply chain threats., Establish **cross-sector collaboration** (public/private info-sharing on threats)., Mandate **cybersecurity training** for all staff, including manual override procedures., Adopt **IMO ISM Code updates** and align with NIS2/U.S. Coast Guard requirements., Deploy **GNSS backup systems** (e.g., inertial navigation) to counter jamming/spoofing., Invest in **third-party vendor audits** to map supply chain risks beyond Tier 1., Develop **incident response playbooks** for ransomware, OT failures, and data breaches., Leverage **AI for threat detection** while securing AI systems against adversarial attacks., Appoint **dedicated Cybersecurity Officers** (per U.S. Coast Guard 2025 rule).
What are the key lessons learned from past incidents ?
Key Lessons Learned: The key lessons learned from past incidents are Fragmented cybersecurity governance increases risk; standardized procedures are critical.,Supply chain visibility must extend beyond first-tier vendors to mitigate third-party risks.,OT systems (e.g., ship navigation) require air-gapping/segmentation to prevent cascading failures.,Workforce training is essential to counter phishing/social engineering (human error = top risk).,AI-powered attacks demand continuous threat monitoring and adaptive defenses.,GNSS jamming/spoofing highlights the need for redundant navigation systems.,Regulatory compliance (NIS2, IMO, U.S. Coast Guard) is evolving; proactive adaptation is necessary.
References
Where can I find more information about each incident ?
Incident : Ransomware MAE508082925
Source: NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE)
URL: https://ccdcoe.org/
Incident : Ransomware MAE508082925
Source: Marlink’s 2024 Maritime Cyber Threat Report
Incident : Ransomware MAE508082925
Source: U.S. Coast Guard 2025 Cybersecurity Rule
Incident : Ransomware MAE508082925
Source: EU NIS2 Directive
URL: https://digital-strategy.ec.europa.eu/en/policies/nis2-directive
Incident : Ransomware MAE508082925
Source: Maersk NotPetya Post-Incident Report
Incident : Ransomware MAE508082925
Source: Port of Rijeka 8Base Ransomware Attack (2024)
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE)Url: https://ccdcoe.org/, and Source: Marlink’s 2024 Maritime Cyber Threat Report, and Source: U.S. Coast Guard 2025 Cybersecurity RuleUrl: https://www.uscg.mil/, and Source: EU NIS2 DirectiveUrl: https://digital-strategy.ec.europa.eu/en/policies/nis2-directive, and Source: IMO ISM Code (MSC.428(98))Url: https://www.imo.org/, and Source: Maersk NotPetya Post-Incident Report, and Source: Port of Rijeka 8Base Ransomware Attack (2024).
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Ransomware MAE508082925
Investigation Status: ['Maersk NotPetya: Attributed to Russian military (confirmed)', 'MV Dali: No confirmed cyberattack (electrical failure under investigation)', 'Port of Rijeka: Ongoing (8Base claims unverified)', 'Iranian Tankers: Lab-Dookhtegan claimed responsibility (verified communications disruption)']
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Public Disclosures (Maersk, Marinemax), Stakeholder Advisories (Imo/Nis2 Compliance) and Customer Notifications (Data Breaches).
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Ransomware MAE508082925
Stakeholder Advisories: Imo: Urges Cyber Risk Assessments And Ism Code Integration., Nato Ccdcoe: Warns Of State-Sponsored Threats To Port Infrastructure., U.S. Coast Guard: Mandates Cybersecurity Officers And Incident Reporting By 2025., Eu: Nis2 Directive Requires Maritime Operators To Report Incidents And Secure Supply Chains..
Customer Advisories: Maersk: Notified partners of NotPetya impact (2017).MarineMax: Advised customers on data breach risks (2024).Port of Rijeka: Likely notified stakeholders of ransomware attack (2024).
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Imo: Urges Cyber Risk Assessments And Ism Code Integration., Nato Ccdcoe: Warns Of State-Sponsored Threats To Port Infrastructure., U.S. Coast Guard: Mandates Cybersecurity Officers And Incident Reporting By 2025., Eu: Nis2 Directive Requires Maritime Operators To Report Incidents And Secure Supply Chains., Maersk: Notified Partners Of Notpetya Impact (2017)., Marinemax: Advised Customers On Data Breach Risks (2024)., Port Of Rijeka: Likely Notified Stakeholders Of Ransomware Attack (2024). and .
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Ransomware MAE508082925
Entry Point: Compromised Software Update (Notpetya Via Ukrainian Accounting Software), Phishing/Social Engineering (Marinemax, Port Of Rijeka), Outdated Software (Iranian Tankers), Third-Party Vendor Vulnerabilities (Supply Chain),
Backdoors Established: ['Potential in NotPetya (lateral movement)', 'Possible in 8Base/Port of Rijeka attack']
High Value Targets: Shipping Routes/Cargo Data (Ports), Financial Systems (Maersk, Marinemax), Navigation/Ot Systems (Mv Dali, Iranian Tankers),
Data Sold on Dark Web: Shipping Routes/Cargo Data (Ports), Financial Systems (Maersk, Marinemax), Navigation/Ot Systems (Mv Dali, Iranian Tankers),
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Ransomware MAE508082925
Root Causes: Lack Of Cybersecurity Expertise (17% Of Shipyards), Fragmented Governance (No Common Incident Response Procedures), Supply Chain Blind Spots (Limited Visibility Beyond Tier 1 Vendors), Outdated/Poorly Maintained Systems (Iranian Tankers), Insufficient Ot/It Segmentation (Mv Dali, Maersk), Human Error (Phishing/Social Engineering Success), Regulatory Gaps (Pre-2025 U.S. Coast Guard Rules),
Corrective Actions: Maersk: Global It Infrastructure Overhaul Post-Notpetya., Imo: Updated Ism Code To Mandate Cyber Risk Assessments., U.S. Coast Guard: 2025 Rule For Cybersecurity Officers And Incident Reporting., Eu: Nis2 Directive Enforcement For Maritime Sector., Ports: Increased Third-Party Vendor Audits (E.G., Rijeka Post-Attack)., Shipping Companies: Ai Threat Monitoring And Workforce Training Programs.,
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Cybersecurity Firms (E.G., Maersk’S Recovery), Government Agencies (E.G., Nato Ccdcoe Warnings), , Marlink’S Threat Tracking (1,800 Vessels, 2024), Ai-Driven Anomaly Detection (Emerging), .
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Maersk: Global It Infrastructure Overhaul Post-Notpetya., Imo: Updated Ism Code To Mandate Cyber Risk Assessments., U.S. Coast Guard: 2025 Rule For Cybersecurity Officers And Incident Reporting., Eu: Nis2 Directive Enforcement For Maritime Sector., Ports: Increased Third-Party Vendor Audits (E.G., Rijeka Post-Attack)., Shipping Companies: Ai Threat Monitoring And Workforce Training Programs., .
Additional Questions
General Information
Has the company ever paid ransoms ?
Ransom Payment History: The company has Paid ransoms in the past.
What was the amount of the last ransom demanded ?
Last Ransom Demanded: The amount of the last ransom demanded was ['8Base (Port of Rijeka: unspecified)', 'NotPetya (Maersk: no ransom demanded, wiper malware)'].
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an 21-year-old individual, Name: Russian Military (NotPetya)Type: State-SponsoredMotivation: Geopolitical DisruptionName: 8Base Ransomware GroupType: Financially MotivatedMotivation: ExtortionName: Lab-DookhteganType: Hacktivist/State-AlignedMotivation: Disruption (targeted Iranian maritime sector)Name: Unspecified State Actors (Russia, Iran and China)Type: State-SponsoredMotivation: GNSS Jamming/Spoofing for Strategic AdvantageName: Financially Motivated HackersType: CybercriminalMotivation: Ransomware/Data Theft.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on August 2021.
Impact of the Incidents
What was the highest financial loss from an incident ?
Highest Financial Loss: The highest financial loss from an incident was ['Maersk: $300M (NotPetya, 2017)', 'Unspecified losses for MarineMax, Port of Rijeka, and other targets'].
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were customer addresses, drivers' licenses, social security numbers, , Financial Records (Maersk, MarineMax, Port of Rijeka), Employee/Customer Data (MarineMax), Shipping Routes/Cargo Data (Ports), Personal Data (Port of Rijeka: invoices, contracts, accounting records), Navigation/Logistics Data (GNSS Spoofing) and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident were 76 Port Terminals (Maersk, 2017)45,000+ PCs and 4,000 Servers (Maersk)Accounting Systems (MarineMax)Communications (60+ Iranian Oil Tankers)GNSS Navigation (Jamming/Spoofing)OT Systems (MV Dali power loss).
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was cybersecurity firms (e.g., maersk’s recovery), government agencies (e.g., nato ccdcoe warnings), .
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Isolation of Infected Systems (Maersk)Manual Overrides (OT Failures)GNSS Backup Systems (Jamming Mitigation).
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were social security numbers, Employee/Customer Data (MarineMax), customer addresses, Financial Records (Maersk, MarineMax, Port of Rijeka), drivers' licenses, Personal Data (Port of Rijeka: invoices, contracts, accounting records), Shipping Routes/Cargo Data (Ports) and Navigation/Logistics Data (GNSS Spoofing).
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 50.0M.
Ransomware Information
What was the highest ransom demanded in a ransomware incident ?
Highest Ransom Demanded: The highest ransom demanded in a ransomware incident was ['8Base (Port of Rijeka: unspecified)', 'NotPetya (Maersk: no ransom demanded, wiper malware)'].
What was the highest ransom paid in a ransomware incident ?
Highest Ransom Paid: The highest ransom paid in a ransomware incident was ['Maersk: None (NotPetya was wiper malware)', 'Port of Rijeka: Unspecified'].
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents ?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Regulatory compliance (NIS2, IMO, U.S. Coast Guard) is evolving; proactive adaptation is necessary.
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Mandate **cybersecurity training** for all staff, including manual override procedures., Appoint **dedicated Cybersecurity Officers** (per U.S. Coast Guard 2025 rule)., Invest in **third-party vendor audits** to map supply chain risks beyond Tier 1., Establish **cross-sector collaboration** (public/private info-sharing on threats)., Adopt **IMO ISM Code updates** and align with NIS2/U.S. Coast Guard requirements., Deploy **GNSS backup systems** (e.g., inertial navigation) to counter jamming/spoofing., Leverage **AI for threat detection** while securing AI systems against adversarial attacks., Conduct **continuous risk assessments** for AI-driven and supply chain threats., Develop **incident response playbooks** for ransomware, OT failures, and data breaches., Implement **network segmentation** to isolate OT/IT systems (e.g. and ship navigation vs. accounting)..
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Marlink’s 2024 Maritime Cyber Threat Report, EU NIS2 Directive, U.S. Coast Guard 2025 Cybersecurity Rule, Port of Rijeka 8Base Ransomware Attack (2024), NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), Maersk NotPetya Post-Incident Report and IMO ISM Code (MSC.428(98)).
What is the most recent URL for additional resources on cybersecurity best practices ?
Most Recent URL for Additional Resources: The most recent URL for additional resources on cybersecurity best practices is https://ccdcoe.org/, https://www.uscg.mil/, https://digital-strategy.ec.europa.eu/en/policies/nis2-directive, https://www.imo.org/ .
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is ['Maersk NotPetya: Attributed to Russian military (confirmed)', 'MV Dali: No confirmed cyberattack (electrical failure under investigation)', 'Port of Rijeka: Ongoing (8Base claims unverified)', 'Iranian Tankers: Lab-Dookhtegan claimed responsibility (verified communications disruption)'].
Stakeholder and Customer Advisories
What was the most recent stakeholder advisory issued ?
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was IMO: Urges cyber risk assessments and ISM Code integration., NATO CCDCOE: Warns of state-sponsored threats to port infrastructure., U.S. Coast Guard: Mandates Cybersecurity Officers and incident reporting by 2025., EU: NIS2 Directive requires maritime operators to report incidents and secure supply chains., .
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an Maersk: Notified partners of NotPetya impact (2017).MarineMax: Advised customers on data breach risks (2024).Port of Rijeka: Likely notified stakeholders of ransomware attack (2024).
Initial Access Broker
.png)
Latest Global CVEs (Not Company-Specific)
Description
A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=maersk-group' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
