MMSC
Company Details
Linkedin ID:
msc-mediterranean-shipping-co--s-a-
Website:
Employees number:
35,066
Number of followers:
1,438,797
NAICS:
47
Industry Type:
Homepage:
msc.com
IP Addresses:
0
Company ID:
MSC_5355941
Scan Status:
In-progress
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
MSC Mediterranean Shipping Company Vendor Cyber Rating & Cyber Score
msc.comMSC is a privately owned global shipping company founded in 1970 by Gianluigi Aponte. As one of the world’s leading container shipping lines with headquarters in Geneva, Switzerland, MSC operates in over 675 offices across more than 155 countries worldwide with over 200,000 MSC Group employees. With access to an integrated network of road, rail and sea transport resources which stretches across the globe, the company prides itself on delivering global service with local knowledge. OUR SERVICES MSC is a world leader in global container shipping and a company offering global service with local knowledge. MSC also provides integrated network of road, rail and sea transport resources which stretches across the globe. YOUR INDUSTRY Bringing you industry-specific expertise; whatever you’re shipping, wherever you’re shipping it. MSC delivers a professional, efficient service tailored to the specific needs of your business. Our services are designed around you.
MSC Mediterranean Shipping Company A.I CyberSecurity Scoring
MMSC Risk Score (AI oriented)Between 750 and 799
MMSC
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
MMSC Global Score (TPRM)XXXX
MMSC
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
MMSC Company CyberSecurity News & History
Past Incidents
3
Attack Types
1
Grandi Navi Veloci and MSC-Mediterranean Shipping Company SA: Passenger Ferry Held for Hours After Suspected Russian Hack
Cyber Attack
Rankiteo Explanation
Attack limited on finance or reputation
Description: Russian Military Hackers Suspected in Cyber Intrusion Targeting MSC Ferry European investigators are examining a suspected cyber intrusion by Russian military hackers targeting a ferry operated by MSC-Mediterranean Shipping Company SA, the world’s largest container shipping group. The incident occurred over the weekend in the southern French port of Sète, where the vessel part of MSC’s Grandi Navi Veloci unit was immobilized on Saturday as authorities assessed potential risks to operational systems. The ferry resumed its voyage to Algeria on Sunday after confirming no critical systems were compromised. The breach attempt, which remains under investigation by French and Italian officials, is believed to be linked to Russia’s GRU military intelligence agency. Forensic analysis reportedly identified overlaps in tactics, techniques, and procedures (TTPs) with previous GRU operations, including those publicly attributed to Unit 29155 by U.S. agencies like the FBI and CISA. No official attribution has been made, and the Kremlin has not responded to requests for comment. The attack targeted the ferry’s office computer network, aiming to impersonate legitimate users, but failed to penetrate operational systems such as navigation, propulsion, or the Automatic Identification System (AIS) due to network segregation and restricted remote access. Investigators noted that while sabotage was averted, the incident underscores vulnerabilities in maritime cybersecurity, particularly the risk of physical access attacks for surveillance or long-term infiltration. This is not the first attempt against the vessel. In November, a Raspberry Pi device a concealed miniature computer was discovered connected to a shipboard system in a restricted area, triggering security alerts. A second device, found last week and paired with a cellular modem for remote access, was seized for forensic analysis. Authorities suspect a third device may still be active on another ship. The incident highlights growing concerns over cyber threats to global maritime trade, which carries the majority of world commerce. Disruptions in shipping networks could have cascading effects on supply chains, critical infrastructure, and sensitive military or commercial movements. While this attack was contained, it reflects a broader pattern of state-sponsored cyber espionage targeting high-value logistics assets.
MSC: Why hackers are targeting the world's shipping
Cyber Attack
Rankiteo Explanation
Attack threatening the organization's existence
Description: Rising Cyber Threats Target the Global Shipping Industry The maritime sector is facing a surge in cyber attacks, driven by increased digitization, outdated infrastructure, and geopolitical tensions. With around 80% of global trade transported by sea, shipping has become a prime target for criminal gangs and state-backed hackers. Key Threats and Incidents Cyber criminals exploit vulnerabilities in aging ship systems many vessels average 22 years old through tactics like GPS spoofing, where hackers manipulate navigation systems to misdirect ships, risking physical damage. Man-in-the-middle attacks intercept communications, enabling fraud or data theft, while ransomware incidents have doubled in cost, averaging $550,000 per attack (2022–2023). In extreme cases, ransom demands reach $3.2 million. Notable incidents include the MSC Antonia, which experienced suspected GPS spoofing in the Red Sea, and attacks linked to Nigerian criminal networks, Russia, China, North Korea, and Iran. Hackers also exploit emissions-monitoring sensors and satellite services like Starlink to gain access. Industry Response The International Maritime Organization (IMO) introduced mandatory cybersecurity provisions in 2021, requiring ships to integrate risk management into safety systems. While awareness has grown, experts warn that anti-jam technology remains costly, and many vessels lack modern defenses. Impact Disruptions can cripple operations, inflate costs, and reduce shipping capacity. With attacks rising from 10 in 2021 to far higher numbers in recent years the industry is scrambling to close security gaps amid an increasingly connected, yet vulnerable, digital landscape.
Mediterranean Shipping Company (MSC)
Cyber Attack
Rankiteo Explanation
Attack threatening the organization’s existence
Description: In April 2020, the Geneva-based Mediterranean Shipping Company (MSC), one of the world’s largest shipping firms, fell victim to a targeted malware attack exploiting an engineered vulnerability. The assault was localized to a limited number of physical systems at MSC’s Geneva headquarters but triggered a data center outage, crippling critical operations. The company’s digital booking tool and official website were knocked offline, leaving customers unable to access essential services for approximately five days.The disruption severely impacted MSC’s ability to process shipments, manage bookings, and maintain customer communications, leading to operational paralysis and potential financial losses from delayed transactions. While the attack did not explicitly mention data theft or ransomware demands, the prolonged outage of core systems including customer-facing platforms highlighted the vulnerability of global logistics infrastructure to cyber threats. The incident also underscored a broader trend of escalating cyberattacks on shipping giants, raising concerns about supply chain resilience in the face of digital sabotage.
MMSC Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for MMSC
Incidents vs Transportation, Logistics, Supply Chain and Storage Industry Average (This Year)
No incidents recorded for MSC Mediterranean Shipping Company in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for MSC Mediterranean Shipping Company in 2026.
Incident Types MMSC vs Transportation, Logistics, Supply Chain and Storage Industry Avg (This Year)
No incidents recorded for MSC Mediterranean Shipping Company in 2026.
Incident History — MMSC (X = Date, Y = Severity)
MMSC cyber incidents detection timeline including parent company and subsidiaries
MMSC Company Subsidiaries
MSC is a privately owned global shipping company founded in 1970 by Gianluigi Aponte. As one of the world’s leading container shipping lines with headquarters in Geneva, Switzerland, MSC operates in over 675 offices across more than 155 countries worldwide with over 200,000 MSC Group employees. With access to an integrated network of road, rail and sea transport resources which stretches across the globe, the company prides itself on delivering global service with local knowledge. OUR SERVICES MSC is a world leader in global container shipping and a company offering global service with local knowledge. MSC also provides integrated network of road, rail and sea transport resources which stretches across the globe. YOUR INDUSTRY Bringing you industry-specific expertise; whatever you’re shipping, wherever you’re shipping it. MSC delivers a professional, efficient service tailored to the specific needs of your business. Our services are designed around you.
Loading...
MMSC Similar Companies
bnode
bnode (formerly bpostgroup) is a digital expert in parcel logistics, active in Europe, North America and Asia-Pacific. The group operates through three business units: 3PL (soon to be paxon, with brands as Active Ants, Staci and Radial), Cross-border (working under the name of Landmark Global) and B
Blue Dart
Blue Dart Express Ltd., South Asia's premier express air, integrated transportation & distribution company, offers secure and reliable delivery of consignments to over 56,000+ locations in India. Blue Dart is a provider of choice for its stakeholders due to its customer centric approach and aims to
DP World
Trade is the lifeblood of the global economy, creating opportunities and improving the quality of life for people around the world. DP World exists to make the world’s trade flow better, changing what’s possible for the customers and communities we serve globally. With a dedicated, diverse and p
Poste Italiane
L'azienda opera in Italia e svolge un ruolo importante nel Paese, dando un forte contributo alla filiera produttiva e all'economia nazionale. Il Gruppo Poste Italiane rappresenta una realtà unica per dimensioni, riconoscibilità, capillarità e fiducia da parte della clientela, e fornisce un important
Aramex
Founded in 1982, Aramex has emerged as a global leader in logistics and transportation, renowned for its innovative services tailored to businesses and consumers. As a listed company on the Dubai Financial Market (since 2005) and headquartered in the UAE, our strategic location facilitates extensive
Penske Logistics
Penske Logistics is a Penske Transportation Solutions company headquartered in Reading, Pennsylvania. The company is a leading provider of innovative supply chain and logistics solutions. Penske offers solutions including dedicated transportation, distribution center management, 4PL and lead logisti
La Poste Groupe
Premier réseau commercial de proximité en France, le groupe La Poste est organisé en 4 branches d’activité : Services-Courrier-Colis, Banque et Assurance, Distributeur physique et numérique, GeoPost/DPDGroup pour l'international. Présent dans plus de 63 pays, sur 5 continents, il a réalisé un chiffr
Transnet SOC Ltd
As the custodian of ports, rail and pipelines, Transnet’s objective is to ensure a globally competitive freight system that enables sustained growth and diversification of the country’s economy. As a state-owned company, Transnet continues to leave an indelible mark on the lives of all South Afri
Arvato
𝗪𝗲 𝘀𝗵𝗮𝗽𝗲 𝘀𝘂𝗽𝗽𝗹𝘆 𝗰𝗵𝗮𝗶𝗻𝘀 𝗴𝗹𝗼𝗯𝗮𝗹𝗹𝘆 Logistics seems so simple – just goods in, goods out. For us there is so much more to it. By combining deep industry expertise with the right technologies, we develop innovative supply chain management and e-commerce solutions for our clients. We have aligned our o
.png)
MMSC CyberSecurity News
December 19, 2025 08:00 AM
REPORT - Pre-Emptive Cyber Sabotage Attempt on GNV Ro-Pax Vessel Fantastic: Hybrid Threat Vectors in Mediterranean Maritime Domain, December 2025
REPORT - Pre-Emptive Cyber Sabotage Attempt on GNV Ro-Pax Vessel Fantastic: Hybrid Threat Vectors in Mediterranean Maritime Domain,...
December 18, 2025 08:00 AM
France Launches Foreign Interference Probe After Malware Discovered on Mediterranean Ferry
French authorities are investigating a suspected foreign interference operation after malware capable of remote system control was...
December 16, 2025 08:00 AM
Passenger Ferry Held For Hours After Suspected Russian Hack
European investigators are probing whether Russian military hackers breached computer systems on a vessel owned by MSC-Mediterranean...
October 28, 2025 07:00 AM
Cybersecurity jobs available right now: October 28, 2025
Here are the worldwide cybersecurity job openings available as of October 28, 2025, including on-site, hybrid, and remote roles.
April 25, 2025 07:00 AM
News Wan Hai joins box shipping 'arms race', but avoids Chinese yards for newbuilds
Fallout from the US-China tariff war is not stopping the container shipping 'arms race', as major shipping lines continue to invest heavily in large box ships.
April 10, 2025 07:00 AM
Fincantieri launches Ingenium with Accenture to bring AI, cybersecurity and big data
New joint venture to create a digital ecosystem for the shipbuilding industry, enhancing connectivity and sustainability.
January 23, 2025 08:00 AM
50 Over 50: Global 2025
The trailblazers on the first-ever 50 Over 50 Global list work across 32 countries and territories and are shaping everything from cybersecurity to science and...
September 07, 2024 08:59 PM
Best Practices for Cybersecurity in Shipping
Cybersecurity has become the number one concern in the maritime industry. Here are the best ways to mitigate cyber risks and become more cyber aware.
August 29, 2024 07:00 AM
MSC installs giant LNG tank on a 16,000 TEU container vessel
GSI has completed the installation of a giant LNG tank, "Type B", on an MSC container vessel.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
MMSC CyberSecurity History Information
Official Website of MSC Mediterranean Shipping Company
The official website of MSC Mediterranean Shipping Company is https://www.msc.com.
MSC Mediterranean Shipping Company’s AI-Generated Cybersecurity Score
According to Rankiteo, MSC Mediterranean Shipping Company’s AI-generated cybersecurity score is 782, reflecting their Fair security posture.
How many security badges does MSC Mediterranean Shipping Company’ have ?
According to Rankiteo, MSC Mediterranean Shipping Company currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has MSC Mediterranean Shipping Company been affected by any supply chain cyber incidents ?
According to Rankiteo, MSC Mediterranean Shipping Company has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does MSC Mediterranean Shipping Company have SOC 2 Type 1 certification ?
According to Rankiteo, MSC Mediterranean Shipping Company is not certified under SOC 2 Type 1.
Does MSC Mediterranean Shipping Company have SOC 2 Type 2 certification ?
According to Rankiteo, MSC Mediterranean Shipping Company does not hold a SOC 2 Type 2 certification.
Does MSC Mediterranean Shipping Company comply with GDPR ?
According to Rankiteo, MSC Mediterranean Shipping Company is not listed as GDPR compliant.
Does MSC Mediterranean Shipping Company have PCI DSS certification ?
According to Rankiteo, MSC Mediterranean Shipping Company does not currently maintain PCI DSS compliance.
Does MSC Mediterranean Shipping Company comply with HIPAA ?
According to Rankiteo, MSC Mediterranean Shipping Company is not compliant with HIPAA regulations.
Does MSC Mediterranean Shipping Company have ISO 27001 certification ?
According to Rankiteo,MSC Mediterranean Shipping Company is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of MSC Mediterranean Shipping Company
MSC Mediterranean Shipping Company operates primarily in the Transportation, Logistics, Supply Chain and Storage industry.
Number of Employees at MSC Mediterranean Shipping Company
MSC Mediterranean Shipping Company employs approximately 35,066 people worldwide.
Subsidiaries Owned by MSC Mediterranean Shipping Company
MSC Mediterranean Shipping Company presently has no subsidiaries across any sectors.
MSC Mediterranean Shipping Company’s LinkedIn Followers
MSC Mediterranean Shipping Company’s official LinkedIn profile has approximately 1,438,797 followers.
NAICS Classification of MSC Mediterranean Shipping Company
MSC Mediterranean Shipping Company is classified under the NAICS code 47, which corresponds to Transportation and Warehousing.
MSC Mediterranean Shipping Company’s Presence on Crunchbase
No, MSC Mediterranean Shipping Company does not have a profile on Crunchbase.
MSC Mediterranean Shipping Company’s Presence on LinkedIn
Yes, MSC Mediterranean Shipping Company maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/msc-mediterranean-shipping-co--s-a-.
Cybersecurity Incidents Involving MSC Mediterranean Shipping Company
As of April 02, 2026, Rankiteo reports that MSC Mediterranean Shipping Company has experienced 3 cybersecurity incidents.
Number of Peer and Competitor Companies
MSC Mediterranean Shipping Company has an estimated 6,532 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at MSC Mediterranean Shipping Company ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.
What was the total financial impact of these incidents on MSC Mediterranean Shipping Company ?
Total Financial Loss: The total financial loss from these incidents is estimated to be $550 million.
How does MSC Mediterranean Shipping Company detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an incident response plan activated with yes, and law enforcement notified with yes (french and italian authorities), and containment measures with removal of raspberry pi devices, forensic analysis, and remediation measures with network segregation, enhanced monitoring, and recovery measures with ferry resumed operations after investigation, and communication strategy with limited public disclosure (spokesperson confirmed intrusion attempt), and network segmentation with pre-existing segregation prevented lateral movement..
Incident Details
Can you provide details on each incident ?
Title: Malware Attack on Mediterranean Shipping Company (MSC)
Description: In April 2020, The Geneva (Switzerland) based Mediterranean Shipping Company (MSC) experienced a malware attack on their servers. The malware-based attack was confined to a limited number of physical computer systems in the headquarters in Geneva only. The malware attack was based on an engineered targeted vulnerability. The attack caused a data centre outage, resulting in the company’s digital booking tool and website being offline for about five days, denying customers access to these systems.
Date Detected: 2020-04
Type: Malware Attack
Attack Vector: Engineered targeted vulnerability
Title: Russian Military Hackers Suspected in MSC Ferry Cyber Intrusion
Description: European investigators are probing whether Russian military hackers breached computer systems on a vessel owned by MSC-Mediterranean Shipping Company SA. The ferry was immobilized in the southern French port of Sète as authorities confirmed operational systems were not compromised. The intrusion attempt was detected and neutralized by the company.
Type: Cyber Intrusion
Attack Vector: Physical access via Raspberry Pi devices with cellular modems
Vulnerability Exploited: Insufficient network segmentation between office and operational systems
Threat Actor: GRU (Russian military intelligence agency, possibly Unit 29155)
Motivation: EspionageLong-term surveillance
Title: Rising Cyber Threats Target the Global Shipping Industry
Description: The maritime sector is facing a surge in cyber attacks, driven by increased digitization, outdated infrastructure, and geopolitical tensions. With around 80% of global trade transported by sea, shipping has become a prime target for criminal gangs and state-backed hackers.
Type: GPS spoofing
Attack Vector: Aging ship systemsEmissions-monitoring sensorsSatellite services (e.g., Starlink)
Vulnerability Exploited: Outdated infrastructureLack of modern defensesInsufficient anti-jam technology
Threat Actor: Nigerian criminal networksRussiaChinaNorth KoreaIran
Motivation: Financial gainGeopolitical tensionsData theftOperational disruption
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Physical access via Raspberry Pi devices.
Impact of the Incidents
What was the impact of each incident ?
Incident : Malware Attack MSC327092125
Systems Affected: Digital booking toolCompany websiteData centre
Downtime: 5 days
Operational Impact: Denial of access to digital booking tool and website for customers
Incident : Cyber Intrusion GNVMSC1765979891
Systems Affected: Office computer network
Downtime: Ferry immobilized for less than 24 hours
Operational Impact: No impact on navigation, propulsion, or AIS systems
Brand Reputation Impact: Potential reputational damage due to cybersecurity concerns
Incident : GPS spoofing MSC1772094527
Financial Loss: $550,000 (average per ransomware attack, 2022–2023)
Systems Affected: Navigation systemsCommunicationsEmissions-monitoring sensors
Operational Impact: Disruptions can cripple operations, inflate costs, and reduce shipping capacity
What is the average financial loss per incident ?
Average Financial Loss: The average financial loss per incident is $183.33 million.
Which entities were affected by each incident ?
Incident : Malware Attack MSC327092125
Entity Name: Mediterranean Shipping Company (MSC)
Entity Type: Corporation
Industry: Shipping/Logistics
Location: Geneva, Switzerland
Incident : Cyber Intrusion GNVMSC1765979891
Entity Name: MSC-Mediterranean Shipping Company SA (Grandi Navi Veloci unit)
Entity Type: Maritime transport company
Industry: Shipping and logistics
Location: Global (incident occurred in Sète, France)
Size: World's largest container shipping group
Incident : GPS spoofing MSC1772094527
Entity Name: MSC Antonia
Entity Type: Shipping vessel
Industry: Maritime
Location: Red Sea
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Cyber Intrusion GNVMSC1765979891
Incident Response Plan Activated: Yes
Law Enforcement Notified: Yes (French and Italian authorities)
Containment Measures: Removal of Raspberry Pi devices, forensic analysis
Remediation Measures: Network segregation, enhanced monitoring
Recovery Measures: Ferry resumed operations after investigation
Communication Strategy: Limited public disclosure (spokesperson confirmed intrusion attempt)
Network Segmentation: Pre-existing segregation prevented lateral movement
What is the company's incident response plan?
Incident Response Plan: The company's incident response plan is described as Yes.
Data Breach Information
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Network segregation, enhanced monitoring.
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by removal of raspberry pi devices and forensic analysis.
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : GPS spoofing MSC1772094527
Ransom Demanded: ['$3.2 million (extreme cases)', '$550,000 (average per attack, 2022–2023)']
How does the company recover data encrypted by ransomware ?
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through Ferry resumed operations after investigation.
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : GPS spoofing MSC1772094527
Regulatory Notifications: IMO mandatory cybersecurity provisions (2021)
Lessons Learned and Recommendations
What lessons were learned from each incident ?
Incident : Cyber Intrusion GNVMSC1765979891
Lessons Learned: Importance of physical security for onboard networks, network segmentation, and monitoring for unauthorized devices.
Incident : GPS spoofing MSC1772094527
Lessons Learned: The industry needs to close security gaps amid an increasingly connected, yet vulnerable, digital landscape. Outdated infrastructure and lack of modern defenses are major vulnerabilities.
What recommendations were made to prevent future incidents ?
Incident : Cyber Intrusion GNVMSC1765979891
Recommendations: Enhance physical security measures for restricted-access areas on vessels, Improve detection of unauthorized hardware (e.g., Raspberry Pi devices), Strengthen network segmentation between office and operational systems, Conduct regular audits of onboard networks for anomaliesEnhance physical security measures for restricted-access areas on vessels, Improve detection of unauthorized hardware (e.g., Raspberry Pi devices), Strengthen network segmentation between office and operational systems, Conduct regular audits of onboard networks for anomaliesEnhance physical security measures for restricted-access areas on vessels, Improve detection of unauthorized hardware (e.g., Raspberry Pi devices), Strengthen network segmentation between office and operational systems, Conduct regular audits of onboard networks for anomaliesEnhance physical security measures for restricted-access areas on vessels, Improve detection of unauthorized hardware (e.g., Raspberry Pi devices), Strengthen network segmentation between office and operational systems, Conduct regular audits of onboard networks for anomalies
Incident : GPS spoofing MSC1772094527
Recommendations: Integrate risk management into safety systems, adopt anti-jam technology, and enhance cybersecurity awareness and defenses.
What are the key lessons learned from past incidents ?
Key Lessons Learned: The key lessons learned from past incidents are Importance of physical security for onboard networks, network segmentation, and monitoring for unauthorized devices.The industry needs to close security gaps amid an increasingly connected, yet vulnerable, digital landscape. Outdated infrastructure and lack of modern defenses are major vulnerabilities.
What recommendations has the company implemented to improve cybersecurity ?
Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: Integrate risk management into safety systems, adopt anti-jam technology and and enhance cybersecurity awareness and defenses..
References
Where can I find more information about each incident ?
Incident : Cyber Intrusion GNVMSC1765979891
Source: Bloomberg
Incident : Cyber Intrusion GNVMSC1765979891
Source: Le Parisien
Incident : GPS spoofing MSC1772094527
Source: Industry reports (2022–2023)
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Bloomberg, and Source: Le Parisien, and Source: Industry reports (2022–2023).
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Cyber Intrusion GNVMSC1765979891
Investigation Status: Ongoing
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Limited public disclosure (spokesperson confirmed intrusion attempt).
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Cyber Intrusion GNVMSC1765979891
Entry Point: Physical access via Raspberry Pi devices
Backdoors Established: Cellular modems for remote access
High Value Targets: Office computer network
Data Sold on Dark Web: Office computer network
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Cyber Intrusion GNVMSC1765979891
Root Causes: Physical Security Lapse Allowing Unauthorized Device Installation, Potential Insider Assistance Or Lax Access Controls,
Corrective Actions: Forensic Analysis Of Seized Devices, Review Of Physical And Network Security Protocols,
Incident : GPS spoofing MSC1772094527
Root Causes: Outdated Infrastructure, Increased Digitization, Geopolitical Tensions, Lack Of Modern Defenses,
Corrective Actions: Imo Cybersecurity Provisions, Risk Management Integration, Enhanced Monitoring,
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Forensic Analysis Of Seized Devices, Review Of Physical And Network Security Protocols, , Imo Cybersecurity Provisions, Risk Management Integration, Enhanced Monitoring, .
Additional Questions
General Information
What was the amount of the last ransom demanded ?
Last Ransom Demanded: The amount of the last ransom demanded was ['$3.2 million (extreme cases)', '$550,000 (average per attack, 2022–2023)'].
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an GRU (Russian military intelligence agency, possibly Unit 29155) and Nigerian criminal networksRussiaChinaNorth KoreaIran.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2020-04.
Impact of the Incidents
What was the highest financial loss from an incident ?
Highest Financial Loss: The highest financial loss from an incident was $550,000 (average per ransomware attack, 2022–2023).
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Digital booking toolCompany websiteData centre and and Navigation systemsCommunicationsEmissions-monitoring sensors.
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Removal of Raspberry Pi devices and forensic analysis.
Ransomware Information
What was the highest ransom demanded in a ransomware incident ?
Highest Ransom Demanded: The highest ransom demanded in a ransomware incident was ['$3.2 million (extreme cases)', '$550,000 (average per attack, 2022–2023)'].
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents ?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Importance of physical security for onboard networks, network segmentation, and monitoring for unauthorized devices., The industry needs to close security gaps amid an increasingly connected, yet vulnerable, digital landscape. Outdated infrastructure and lack of modern defenses are major vulnerabilities.
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Conduct regular audits of onboard networks for anomalies, Improve detection of unauthorized hardware (e.g., Raspberry Pi devices), Enhance physical security measures for restricted-access areas on vessels, Strengthen network segmentation between office and operational systems, Integrate risk management into safety systems, adopt anti-jam technology and and enhance cybersecurity awareness and defenses..
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Industry reports (2022–2023), Le Parisien and Bloomberg.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Physical access via Raspberry Pi devices.
Post-Incident Analysis
What was the most significant root cause identified in post-incident analysis ?
Most Significant Root Cause: The most significant root cause identified in post-incident analysis was Physical security lapse allowing unauthorized device installationPotential insider assistance or lax access controls, Outdated infrastructureIncreased digitizationGeopolitical tensionsLack of modern defenses.
What was the most significant corrective action taken based on post-incident analysis ?
Most Significant Corrective Action: The most significant corrective action taken based on post-incident analysis was Forensic analysis of seized devicesReview of physical and network security protocols, IMO cybersecurity provisionsRisk management integrationEnhanced monitoring.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=msc-mediterranean-shipping-co--s-a-' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
