fanavagroup.co A.I CyberSecurity Scoring
fanavagroup.co
Company Information
Website:http://www.fanava.com
Employees number:71
Number of followers:1,398
NAICS:517
Industry Type:Telecommunications
Homepage:fanava.com
fanavagroup.co Risk Score (AI oriented)
Between 700 and 749
fanavagroup.coTelecommunications
Updated:
23/03/2026
23/03/2026
739/1000
Moderate
Ba
fanavagroup.co Global Score (TPRM)
xxxx
fanavagroup.coTelecommunications
Score locked

fanavagroup.coModerate
Current Score
739Ba (MODERATE)
01000
1 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
741
JUNE 2026
741
MAY 2026
740
APRIL 2026
740
MARCH 2026
739
FEBRUARY 2026
739
JANUARY 2026
739
DECEMBER 2025
738
NOVEMBER 2025
738
OCTOBER 2025
737
SEPTEMBER 2025
737
AUGUST 2025
736
MARCH 2025
753
Cyber Attack
18 Mar 2025 • fanavagroup.co
Islamic Republic of Iran Shipping Lines and Fanava Group: Center for International Maritime Security
Coordinated Cyberattack on Iranian Maritime Fleet via Fanava Group Compromise
733
CRITICAL-20
FANIRI1774284457
Cybersecurity Threat: The Maritime Fleet as an Unwitting Intelligence Network
In March 2025, a coordinated cyberattack by the group Lab Dookhtegan disabled satellite communications for 116 Iranian state-owned vessels, including those operated by the National Iranian Tanker Company (NITC) and Islamic Republic of Iran Shipping Lines (IRISL). The attackers compromised Fanava Group, an Iranian satellite and IT provider, gaining root-level access to VSAT terminals across the fleet. While the attack severed ship-to-shore links and disabled Automatic Identification System (AIS) tracking, the breach also provided adversaries with real-time vessel positions, voice communications, and data traffic demonstrating how maritime infrastructure can function as an unintentional intelligence-gathering platform.
### A Global Network of Exploitable Data
Modern commercial vessels operate as distributed sensor networks, broadcasting exploitable data through VSAT terminals, AIS transponders, GNSS systems, and onboard Wi-Fi. Despite IMO Resolution MSC.428(98), which mandates cyber risk management, enforcement remains weak. Industry guidelines, such as those from BIMCO, highlight persistent vulnerabilities:
- Fragmented accountability among owners, management companies, and crews.
- Legacy systems with unsupported software.
- Minimal cybersecurity oversight from classification societies and port authorities.
The barrier to access is alarmingly low. Security researchers have demonstrated that default credentials (e.g., "admin/1234") can grant entry to vessel satellite systems no advanced exploits required.
### Intelligence Collection Without Deployment
Adversaries no longer need dedicated SIGINT platforms; the commercial fleet provides passive collection opportunities at scale:
- Communications interception: Unencrypted VSAT traffic exposes voice calls, emails, and data transfers.
- Location tracking: AIS broadcasts real-time vessel positions, while voyage histories reveal movement patterns.
- Physical proximity: Vessels routinely anchor near naval bases, undersea cables, and strategic chokepoints, enabling passive surveillance.
- Supply chain compromise: A single breach (e.g., Fanava Group) can grant access to hundreds of vessels simultaneously.
Recent incidents underscore the threat:
- March 2026: The French aircraft carrier Charles de Gaulle was tracked via Strava fitness data from a sailor’s smartwatch.
- 2025: Mustang Panda (China) and SideWinder APT (South Asia) targeted maritime firms in Norway, Greece, Egypt, and Vietnam.
- 2023-2024: Ransomware attacks disrupted Lürssen (shipbuilder), Brunswick Corporation ($85M loss), and MarineMax (123,000 records exfiltrated).
### Strategic Geography & Adversary Exploitation
Commercial vessels transit high-value intelligence zones, including:
- Mediterranean: NATO/Russian operations and energy transit routes.
- Arabian Gulf/Red Sea: Critical infrastructure and naval operations.
- Indo-Pacific: South China Sea, Malacca Strait, and waters near Taiwan and Australia’s submarine communications hubs.
China’s maritime militia embeds intelligence personnel on fishing and merchant vessels, while Russia’s Yantar spy ship surveils undersea cables. Unlike state-run programs, the unwitting fleet requires no deployment just exploitation of existing vulnerabilities.
### Implications for Defense & Intelligence
The maritime sector’s cybersecurity gaps extend beyond operational disruption they enable adversary intelligence collection by default. Naval and intelligence communities must:
- Monitor commercial vessels near defense installations.
- Strengthen supply chain security for VSAT providers and navigation systems.
- Integrate maritime cyber threats into threat assessments and exercises.
The commercial fleet is not just vulnerable it is already functioning as adversary infrastructure, radiating data across strategic waters with minimal security. The challenge is no longer preventing access but recognizing the scale of exposure.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for fanavagroup.co ??
What was fanavagroup.co's A.I Rankiteo Cyber Score in June 2026 ??
What was fanavagroup.co's A.I Rankiteo Cyber Score in May 2026 ??
What was fanavagroup.co's A.I Rankiteo Cyber Score in April 2026 ??
What was fanavagroup.co's A.I Rankiteo Cyber Score in March 2026 ??
What was fanavagroup.co's A.I Rankiteo Cyber Score in February 2026 ??
What was fanavagroup.co's A.I Rankiteo Cyber Score in January 2026 ??
What was fanavagroup.co's A.I Rankiteo Cyber Score in December 2025 ??
What was fanavagroup.co's A.I Rankiteo Cyber Score in November 2025 ??
What was fanavagroup.co's A.I Rankiteo Cyber Score in October 2025 ??
What was fanavagroup.co's A.I Rankiteo Cyber Score in September 2025 ??
What was fanavagroup.co's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on fanavagroup.co's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with fanavagroup.co ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view fanavagroup.co's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?