MSC Mediterranean Shipping Company Vendor Cyber Rating & Cyber Score

msc.com
ISOSOC2 Type 1SOC2 Type 2PCI DSSHIPAAGDPR

MSC is a privately owned global shipping company founded in 1970 by Gianluigi Aponte. As one of the world’s leading container shipping lines with headquarters in Geneva, Switzerland, MSC operates in over 675 offices across more than 155 countries worldwide with over 200,000 MSC Group employees. With access to an integrated network of road, rail and sea transport resources which stretches across the globe, the company prides itself on delivering global service with local knowledge. OUR SERVICES MSC is a world leader in global container shipping and a company offering global service with local knowledge. MSC also provides integrated network of road, rail and sea transport resources which stretches across the globe. YOUR INDUSTRY Bringing you industry-specific expertise; whatever you’re shipping, wherever you’re shipping it. MSC delivers a professional, efficient service tailored to the specific needs of your business. Our services are designed around you.

MSC Mediterranean Shipping Company A.I CyberSecurity Scoring

MMSC

Company Details

Linkedin ID:

msc-mediterranean-shipping-co--s-a-

Website:

https://www.msc.com

Employees number:

35,066

Number of followers:

1,438,797

NAICS:

47

Industry Type:

Transportation, Logistics, Supply Chain and Storage

Homepage:

msc.com

IP Addresses:

Scan still pending

Company ID:

MSC_5355941

Scan Status:

In-progress

AI scoreMMSC Risk Score (AI oriented)

Between 750 and 799

https://images.rankiteo.com/companyimages/msc-mediterranean-shipping-co--s-a-.jpeg
MMSC Transportation, Logistics, Supply Chain and Storage
Updated:
  • Powered by our proprietary A.I cyber incident model
  • Insurance preferes TPRM score to calculate premium
Get a Score Increase
globalscoreMMSC Global Score (TPRM)

XXXX

https://images.rankiteo.com/companyimages/msc-mediterranean-shipping-co--s-a-.jpeg
MMSC Transportation, Logistics, Supply Chain and Storage
  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

MSC Mediterranean Shipping Company

Fair
Current Score
782
Baa (Fair)
01000
3 incidents
-14.0 avg impact

Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.

APRIL 2026
782
MARCH 2026
781
FEBRUARY 2026
781
JANUARY 2026
780
DECEMBER 2025
793
Cyber Attack
14 Dec 2025 • Grandi Navi Veloci and MSC-Mediterranean Shipping Company SA: Passenger Ferry Held for Hours After Suspected Russian Hack
Russian Military Hackers Suspected in MSC Ferry Cyber Intrusion

**Russian Military Hackers Suspected in Cyber Intrusion Targeting MSC Ferry** European investigators are examining a suspected cyber intrusion by Russian military hackers targeting a ferry operated by **MSC-Mediterranean Shipping Company SA**, the world’s largest container shipping group. The incident occurred over the weekend in the **southern French port of Sète**, where the vessel—part of MSC’s **Grandi Navi Veloci** unit—was immobilized on **Saturday** as authorities assessed potential risks to operational systems. The ferry resumed its voyage to Algeria on **Sunday** after confirming no critical systems were compromised. The breach attempt, which remains under investigation by **French and Italian officials**, is believed to be linked to **Russia’s GRU military intelligence agency**. Forensic analysis reportedly identified overlaps in tactics, techniques, and procedures (TTPs) with previous GRU operations, including those publicly attributed to **Unit 29155** by U.S. agencies like the **FBI and CISA**. No official attribution has been made, and the Kremlin has not responded to requests for comment. The attack targeted the ferry’s **office computer network**, aiming to impersonate legitimate users, but failed to penetrate **operational systems**—such as navigation, propulsion, or the Automatic Identification System (AIS)—due to network segregation and restricted remote access. Investigators noted that while sabotage was averted, the incident underscores vulnerabilities in maritime cybersecurity, particularly the risk of **physical access attacks** for surveillance or long-term infiltration. This is not the first attempt against the vessel. In **November**, a **Raspberry Pi device**—a concealed miniature computer—was discovered connected to a shipboard system in a restricted area, triggering security alerts. A second device, found last week and paired with a **cellular modem** for remote access, was seized for forensic analysis. Authorities suspect a **third device** may still be active on another ship. The incident highlights growing concerns over **cyber threats to global maritime trade**, which carries the majority of world commerce. Disruptions in shipping networks could have cascading effects on supply chains, critical infrastructure, and sensitive military or commercial movements. While this attack was contained, it reflects a broader pattern of **state-sponsored cyber espionage** targeting high-value logistics assets.

779
high -14
GNVMSC1765979891
Incident Details -
Type
Cyber Intrusion
Attack Vector
Physical access via Raspberry Pi devices with cellular modems
Vulnerability Exploited
Insufficient network segmentation between office and operational systems
Motivation
Espionage Long-term surveillance
Impact
Systems Affected: Office computer network Downtime: Ferry immobilized for less than 24 hours Operational Impact: No impact on navigation, propulsion, or AIS systems Brand Reputation Impact: Potential reputational damage due to cybersecurity concerns
Response
Incident Response Plan Activated: Yes Law Enforcement Notified: Yes (French and Italian authorities) Containment Measures: Removal of Raspberry Pi devices, forensic analysis Remediation Measures: Network segregation, enhanced monitoring Recovery Measures: Ferry resumed operations after investigation Communication Strategy: Limited public disclosure (spokesperson confirmed intrusion attempt) Network Segmentation: Pre-existing segregation prevented lateral movement
Lessons Learned
Importance of physical security for onboard networks, network segmentation, and monitoring for unauthorized devices.
Recommendations
Enhance physical security measures for restricted-access areas on vessels Improve detection of unauthorized hardware (e.g., Raspberry Pi devices) Strengthen network segmentation between office and operational systems Conduct regular audits of onboard networks for anomalies
Investigation Status
['Ongoing']
Initial Access Broker
Entry Point: Physical access via Raspberry Pi devices Backdoors Established: Cellular modems for remote access High Value Targets: Office computer network
Post Incident Analysis
Physical security lapse allowing unauthorized device installation Potential insider assistance or lax access controls Forensic analysis of seized devices Review of physical and network security protocols
References
Blog URL Source URL
NOVEMBER 2025
792
OCTOBER 2025
792
SEPTEMBER 2025
791
AUGUST 2025
791
JULY 2025
790
JUNE 2025
790
MAY 2025
803
Cyber Attack
01 May 2025 • MSC: Why hackers are targeting the world's shipping
Rising Cyber Threats Target the Global Shipping Industry

**Rising Cyber Threats Target the Global Shipping Industry** The maritime sector is facing a surge in cyber attacks, driven by increased digitization, outdated infrastructure, and geopolitical tensions. With around 80% of global trade transported by sea, shipping has become a prime target for criminal gangs and state-backed hackers. **Key Threats and Incidents** Cyber criminals exploit vulnerabilities in aging ship systems many vessels average 22 years old through tactics like **GPS spoofing**, where hackers manipulate navigation systems to misdirect ships, risking physical damage. **Man-in-the-middle attacks** intercept communications, enabling fraud or data theft, while **ransomware** incidents have doubled in cost, averaging **$550,000 per attack** (2022–2023). In extreme cases, ransom demands reach **$3.2 million**. Notable incidents include the **MSC Antonia**, which experienced suspected GPS spoofing in the Red Sea, and attacks linked to **Nigerian criminal networks**, **Russia, China, North Korea, and Iran**. Hackers also exploit **emissions-monitoring sensors** and satellite services like **Starlink** to gain access. **Industry Response** The **International Maritime Organization (IMO)** introduced mandatory cybersecurity provisions in 2021, requiring ships to integrate risk management into safety systems. While awareness has grown, experts warn that **anti-jam technology** remains costly, and many vessels lack modern defenses. **Impact** Disruptions can cripple operations, inflate costs, and reduce shipping capacity. With attacks rising from **10 in 2021** to far higher numbers in recent years the industry is scrambling to close security gaps amid an increasingly connected, yet vulnerable, digital landscape.

789
critical -14
MSC1772094527
Incident Details -
Type
GPS spoofing Man-in-the-middle attacks Ransomware
Attack Vector
Aging ship systems Emissions-monitoring sensors Satellite services (e.g., Starlink)
Vulnerability Exploited
Outdated infrastructure Lack of modern defenses Insufficient anti-jam technology
Motivation
Financial gain Geopolitical tensions Data theft Operational disruption
Impact
Financial Loss: $550,000 (average per ransomware attack, 2022–2023) Navigation systems Communications Emissions-monitoring sensors Operational Impact: Disruptions can cripple operations, inflate costs, and reduce shipping capacity
Regulatory Compliance
Regulatory Notifications: IMO mandatory cybersecurity provisions (2021)
Lessons Learned
The industry needs to close security gaps amid an increasingly connected, yet vulnerable, digital landscape. Outdated infrastructure and lack of modern defenses are major vulnerabilities.
Recommendations
Integrate risk management into safety systems, adopt anti-jam technology, and enhance cybersecurity awareness and defenses.
Post Incident Analysis
Outdated infrastructure Increased digitization Geopolitical tensions Lack of modern defenses IMO cybersecurity provisions Risk management integration Enhanced monitoring
References
Blog URL Source URL
APRIL 2020
805
Cyber Attack
01 Apr 2020 • Mediterranean Shipping Company (MSC)
Malware Attack on Mediterranean Shipping Company (MSC)

In April 2020, the Geneva-based **Mediterranean Shipping Company (MSC)**, one of the world’s largest shipping firms, fell victim to a **targeted malware attack** exploiting an engineered vulnerability. The assault was localized to a limited number of physical systems at MSC’s Geneva headquarters but triggered a **data center outage**, crippling critical operations. The company’s **digital booking tool and official website were knocked offline**, leaving customers unable to access essential services for approximately **five days**.The disruption severely impacted MSC’s ability to process shipments, manage bookings, and maintain customer communications, leading to **operational paralysis** and potential financial losses from delayed transactions. While the attack did not explicitly mention data theft or ransomware demands, the **prolonged outage of core systems**—including customer-facing platforms—highlighted the vulnerability of global logistics infrastructure to cyber threats. The incident also underscored a broader trend of **escalating cyberattacks on shipping giants**, raising concerns about supply chain resilience in the face of digital sabotage.

796
critical -9
MSC327092125
Incident Details -
Type
Malware Attack
Attack Vector
Engineered targeted vulnerability
Impact
Digital booking tool Company website Data centre Downtime: 5 days Operational Impact: Denial of access to digital booking tool and website for customers
References
Blog URL Source URL

Frequently Asked Questions

According to Rankiteo, the current A.I.-based Cyber Score for MSC Mediterranean Shipping Company is 782, which corresponds to a Fair rating.

According to Rankiteo, the A.I. Rankiteo Cyber Score for March 2026 was 781.

According to Rankiteo, the A.I. Rankiteo Cyber Score for February 2026 was 781.

According to Rankiteo, the A.I. Rankiteo Cyber Score for January 2026 was 780.

According to Rankiteo, the A.I. Rankiteo Cyber Score for December 2025 was 793.

According to Rankiteo, the A.I. Rankiteo Cyber Score for November 2025 was 792.

According to Rankiteo, the A.I. Rankiteo Cyber Score for October 2025 was 792.

According to Rankiteo, the A.I. Rankiteo Cyber Score for September 2025 was 791.

According to Rankiteo, the A.I. Rankiteo Cyber Score for August 2025 was 791.

According to Rankiteo, the A.I. Rankiteo Cyber Score for July 2025 was 790.

According to Rankiteo, the A.I. Rankiteo Cyber Score for June 2025 was 790.

According to Rankiteo, the A.I. Rankiteo Cyber Score for May 2025 was 789.

Over the past 12 months, the average per-incident point impact on MSC Mediterranean Shipping Company’s A.I Rankiteo Cyber Score has been -14.0 points.

You can access MSC Mediterranean Shipping Company’s cyber incident details on Rankiteo by visiting the following link: https://www.rankiteo.com/company/msc-mediterranean-shipping-co--s-a-.

You can find the summary of the A.I Rankiteo Risk Scoring methodology on Rankiteo by visiting the following link: Rankiteo Algorithm.

You can view MSC Mediterranean Shipping Company’s profile page on Rankiteo by visiting the following link: https://www.rankiteo.com/company/msc-mediterranean-shipping-co--s-a-.

With scores of 18.5/20 from OpenAI ChatGPT, 20/20 from Mistral AI, and 17/20 from Claude AI, the A.I. Rankiteo Risk Scoring methodology is validated as a market leader.