GNV
Company Details
Linkedin ID:
gnvferries
Website:
Employees number:
1,720
Number of followers:
48,292
NAICS:
483
Industry Type:
Homepage:
gnv.it
IP Addresses:
0
Company ID:
GNV_1474295
Scan Status:
In-progress
GNV Company CyberSecurity Posture
gnv.it
GNV operates on 33 maritime routes connecting Italy (including Sardinia and Sicily), Tunisia, Algeria, Morocco, Spain, France, Albania, and Malta. Destinations include Genoa, Civitavecchia, Naples, Palermo, Termini Imerese, Olbia, Porto Torres, Barcelona, Valencia, Palma de Mallorca, Ibiza, Mahón, Almería, Tunis, Tangier, Algiers, Bejaia, Nador, Sète, Bari, Durrës, and Malta. GNV is also actively engaged in the development of "maritime motorways of the sea", positioning sea transport as a cost-effective alternative to traditional road transport. This innovative approach not only reduces transportation costs but also provides an efficient solution to the environmental challenges associated with heavy lorry traffic on national road networks. 6 domestic lines in SICILY Genova-Palermo Civitavecchia-Palermo Civitavecchia-Termini Imerese Napoli-Palermo Napoli-Termini Imerese Genova-Termini Imerese (freight only) 3 domestic lines in SARDINIA Civitavecchia-Olbia Genova-Olbia Genova-Porto Torres 3 international lines in TUNISIA Genova-Tunisi Civitavecchia-Tunisi Palermo-Tunisi 2 international lines in ALGERIA Sète - Algiers, Sète - Bejaia, 6 international lines in BALEARICS Barcellona-Mahón Barcellona-Palma di Maiorca Palma di Maiorca-Ibiza Palma di Maiorca-Mahón Valencia-Ibiza Valencia-Palma di Maiorca 6 international lines in MAROCCO Genova-Tangeri Sete-Tangeri Sete-Nador Barcellona-Tangeri Barcellona-Nador Genova-Barcellona 1 international line in ALBANIA Bari-Durazzo 2 international lines in MALTA (freight only) Genova-Malta Palermo-Malta
GNV A.I CyberSecurity Scoring
GNV Risk Score (AI oriented)Between 700 and 749
GNV
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
GNV Global Score (TPRM)XXXX
GNV
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
GNV Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Grandi Navi Veloci and MSC-Mediterranean Shipping Company SA: Passenger Ferry Held for Hours After Suspected Russian Hack
Cyber Attack
Rankiteo Explanation
Attack limited on finance or reputation
Description: **Russian Military Hackers Suspected in Cyber Intrusion Targeting MSC Ferry** European investigators are examining a suspected cyber intrusion by Russian military hackers targeting a ferry operated by **MSC-Mediterranean Shipping Company SA**, the world’s largest container shipping group. The incident occurred over the weekend in the **southern French port of Sète**, where the vessel—part of MSC’s **Grandi Navi Veloci** unit—was immobilized on **Saturday** as authorities assessed potential risks to operational systems. The ferry resumed its voyage to Algeria on **Sunday** after confirming no critical systems were compromised. The breach attempt, which remains under investigation by **French and Italian officials**, is believed to be linked to **Russia’s GRU military intelligence agency**. Forensic analysis reportedly identified overlaps in tactics, techniques, and procedures (TTPs) with previous GRU operations, including those publicly attributed to **Unit 29155** by U.S. agencies like the **FBI and CISA**. No official attribution has been made, and the Kremlin has not responded to requests for comment. The attack targeted the ferry’s **office computer network**, aiming to impersonate legitimate users, but failed to penetrate **operational systems**—such as navigation, propulsion, or the Automatic Identification System (AIS)—due to network segregation and restricted remote access. Investigators noted that while sabotage was averted, the incident underscores vulnerabilities in maritime cybersecurity, particularly the risk of **physical access attacks** for surveillance or long-term infiltration. This is not the first attempt against the vessel. In **November**, a **Raspberry Pi device**—a concealed miniature computer—was discovered connected to a shipboard system in a restricted area, triggering security alerts. A second device, found last week and paired with a **cellular modem** for remote access, was seized for forensic analysis. Authorities suspect a **third device** may still be active on another ship. The incident highlights growing concerns over **cyber threats to global maritime trade**, which carries the majority of world commerce. Disruptions in shipping networks could have cascading effects on supply chains, critical infrastructure, and sensitive military or commercial movements. While this attack was contained, it reflects a broader pattern of **state-sponsored cyber espionage** targeting high-value logistics assets.
GNV Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for GNV
Incidents vs Maritime Transportation Industry Average (This Year)
GNV has 24.81% fewer incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
GNV has 28.21% more incidents than the average of all companies with at least one recorded incident.
Incident Types GNV vs Maritime Transportation Industry Avg (This Year)
GNV reported 1 incidents this year: 1 cyber attacks, 0 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Incident History — GNV (X = Date, Y = Severity)
GNV cyber incidents detection timeline including parent company and subsidiaries
GNV Company Subsidiaries
GNV operates on 33 maritime routes connecting Italy (including Sardinia and Sicily), Tunisia, Algeria, Morocco, Spain, France, Albania, and Malta. Destinations include Genoa, Civitavecchia, Naples, Palermo, Termini Imerese, Olbia, Porto Torres, Barcelona, Valencia, Palma de Mallorca, Ibiza, Mahón, Almería, Tunis, Tangier, Algiers, Bejaia, Nador, Sète, Bari, Durrës, and Malta. GNV is also actively engaged in the development of "maritime motorways of the sea", positioning sea transport as a cost-effective alternative to traditional road transport. This innovative approach not only reduces transportation costs but also provides an efficient solution to the environmental challenges associated with heavy lorry traffic on national road networks. 6 domestic lines in SICILY Genova-Palermo Civitavecchia-Palermo Civitavecchia-Termini Imerese Napoli-Palermo Napoli-Termini Imerese Genova-Termini Imerese (freight only) 3 domestic lines in SARDINIA Civitavecchia-Olbia Genova-Olbia Genova-Porto Torres 3 international lines in TUNISIA Genova-Tunisi Civitavecchia-Tunisi Palermo-Tunisi 2 international lines in ALGERIA Sète - Algiers, Sète - Bejaia, 6 international lines in BALEARICS Barcellona-Mahón Barcellona-Palma di Maiorca Palma di Maiorca-Ibiza Palma di Maiorca-Mahón Valencia-Ibiza Valencia-Palma di Maiorca 6 international lines in MAROCCO Genova-Tangeri Sete-Tangeri Sete-Nador Barcellona-Tangeri Barcellona-Nador Genova-Barcellona 1 international line in ALBANIA Bari-Durazzo 2 international lines in MALTA (freight only) Genova-Malta Palermo-Malta
Loading...
GNV Similar Companies
Hapag-Lloyd AG
About Hapag-Lloyd With a fleet of 313 modern container ships and a total transport capacity of 2.5 million TEU, Hapag-Lloyd is one of the world’s leading liner shipping companies. In the Liner Shipping segment, the Company has around 14,000 employees and 400 offices in 140 countries. Hapag-Lloyd has
Anglo-Eastern
Anglo-Eastern's rich maritime heritage spans over 50 years of ship management, crew management, cruise & leisure management and technical services. We manage a diverse fleet of vessels worldwide on behalf of our global partners, and uniquely offer both cadet and crew training through our highly rega
Yacht Crew Register
Yacht Crew Register has been successfully recruiting professional captains and crew since 1995, and has developed a reputation for confidentiality. We are a private yacht crew agency serving yacht owners and select management companies. We guarantee complete confidentiality of all information entrus
.png)
GNV CyberSecurity News
December 17, 2025 02:58 PM
GNV ferry fantastic under cyberattack probe amid remote hijack fears
French prosecutors probe a suspected cyberattack on GNV ferry Fantastic, raising concerns of a possible remote hijack.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
GNV CyberSecurity History Information
Official Website of GNV
The official website of GNV is http://www.gnv.it.
GNV’s AI-Generated Cybersecurity Score
According to Rankiteo, GNV’s AI-generated cybersecurity score is 743, reflecting their Moderate security posture.
How many security badges does GNV’ have ?
According to Rankiteo, GNV currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does GNV have SOC 2 Type 1 certification ?
According to Rankiteo, GNV is not certified under SOC 2 Type 1.
Does GNV have SOC 2 Type 2 certification ?
According to Rankiteo, GNV does not hold a SOC 2 Type 2 certification.
Does GNV comply with GDPR ?
According to Rankiteo, GNV is not listed as GDPR compliant.
Does GNV have PCI DSS certification ?
According to Rankiteo, GNV does not currently maintain PCI DSS compliance.
Does GNV comply with HIPAA ?
According to Rankiteo, GNV is not compliant with HIPAA regulations.
Does GNV have ISO 27001 certification ?
According to Rankiteo,GNV is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of GNV
GNV operates primarily in the Maritime Transportation industry.
Number of Employees at GNV
GNV employs approximately 1,720 people worldwide.
Subsidiaries Owned by GNV
GNV presently has no subsidiaries across any sectors.
GNV’s LinkedIn Followers
GNV’s official LinkedIn profile has approximately 48,292 followers.
NAICS Classification of GNV
GNV is classified under the NAICS code 483, which corresponds to Water Transportation.
GNV’s Presence on Crunchbase
Yes, GNV has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/grandi-navi-veloci.
GNV’s Presence on LinkedIn
Yes, GNV maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/gnvferries.
Cybersecurity Incidents Involving GNV
As of December 22, 2025, Rankiteo reports that GNV has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
GNV has an estimated 2,135 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at GNV ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.
How does GNV detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an incident response plan activated with yes, and law enforcement notified with yes (french and italian authorities), and containment measures with removal of raspberry pi devices, forensic analysis, and remediation measures with network segregation, enhanced monitoring, and recovery measures with ferry resumed operations after investigation, and communication strategy with limited public disclosure (spokesperson confirmed intrusion attempt), and network segmentation with pre-existing segregation prevented lateral movement..
Incident Details
Can you provide details on each incident ?
Title: Russian Military Hackers Suspected in MSC Ferry Cyber Intrusion
Description: European investigators are probing whether Russian military hackers breached computer systems on a vessel owned by MSC-Mediterranean Shipping Company SA. The ferry was immobilized in the southern French port of Sète as authorities confirmed operational systems were not compromised. The intrusion attempt was detected and neutralized by the company.
Type: Cyber Intrusion
Attack Vector: Physical access via Raspberry Pi devices with cellular modems
Vulnerability Exploited: Insufficient network segmentation between office and operational systems
Threat Actor: GRU (Russian military intelligence agency, possibly Unit 29155)
Motivation: EspionageLong-term surveillance
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Physical access via Raspberry Pi devices.
Impact of the Incidents
What was the impact of each incident ?
Incident : Cyber Intrusion GNVMSC1765979891
Systems Affected: Office computer network
Downtime: Ferry immobilized for less than 24 hours
Operational Impact: No impact on navigation, propulsion, or AIS systems
Brand Reputation Impact: Potential reputational damage due to cybersecurity concerns
Which entities were affected by each incident ?
Incident : Cyber Intrusion GNVMSC1765979891
Entity Name: MSC-Mediterranean Shipping Company SA (Grandi Navi Veloci unit)
Entity Type: Maritime transport company
Industry: Shipping and logistics
Location: Global (incident occurred in Sète, France)
Size: World's largest container shipping group
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Cyber Intrusion GNVMSC1765979891
Incident Response Plan Activated: Yes
Law Enforcement Notified: Yes (French and Italian authorities)
Containment Measures: Removal of Raspberry Pi devices, forensic analysis
Remediation Measures: Network segregation, enhanced monitoring
Recovery Measures: Ferry resumed operations after investigation
Communication Strategy: Limited public disclosure (spokesperson confirmed intrusion attempt)
Network Segmentation: Pre-existing segregation prevented lateral movement
What is the company's incident response plan?
Incident Response Plan: The company's incident response plan is described as Yes.
Data Breach Information
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Network segregation, enhanced monitoring.
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by removal of raspberry pi devices and forensic analysis.
Ransomware Information
How does the company recover data encrypted by ransomware ?
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through Ferry resumed operations after investigation.
Lessons Learned and Recommendations
What lessons were learned from each incident ?
Incident : Cyber Intrusion GNVMSC1765979891
Lessons Learned: Importance of physical security for onboard networks, network segmentation, and monitoring for unauthorized devices.
What recommendations were made to prevent future incidents ?
Incident : Cyber Intrusion GNVMSC1765979891
Recommendations: Enhance physical security measures for restricted-access areas on vessels, Improve detection of unauthorized hardware (e.g., Raspberry Pi devices), Strengthen network segmentation between office and operational systems, Conduct regular audits of onboard networks for anomaliesEnhance physical security measures for restricted-access areas on vessels, Improve detection of unauthorized hardware (e.g., Raspberry Pi devices), Strengthen network segmentation between office and operational systems, Conduct regular audits of onboard networks for anomaliesEnhance physical security measures for restricted-access areas on vessels, Improve detection of unauthorized hardware (e.g., Raspberry Pi devices), Strengthen network segmentation between office and operational systems, Conduct regular audits of onboard networks for anomaliesEnhance physical security measures for restricted-access areas on vessels, Improve detection of unauthorized hardware (e.g., Raspberry Pi devices), Strengthen network segmentation between office and operational systems, Conduct regular audits of onboard networks for anomalies
What are the key lessons learned from past incidents ?
Key Lessons Learned: The key lessons learned from past incidents are Importance of physical security for onboard networks, network segmentation, and monitoring for unauthorized devices.
References
Where can I find more information about each incident ?
Incident : Cyber Intrusion GNVMSC1765979891
Source: Bloomberg
Incident : Cyber Intrusion GNVMSC1765979891
Source: Le Parisien
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Bloomberg, and Source: Le Parisien.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Cyber Intrusion GNVMSC1765979891
Investigation Status: Ongoing
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Limited public disclosure (spokesperson confirmed intrusion attempt).
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Cyber Intrusion GNVMSC1765979891
Entry Point: Physical access via Raspberry Pi devices
Backdoors Established: Cellular modems for remote access
High Value Targets: Office computer network
Data Sold on Dark Web: Office computer network
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Cyber Intrusion GNVMSC1765979891
Root Causes: Physical Security Lapse Allowing Unauthorized Device Installation, Potential Insider Assistance Or Lax Access Controls,
Corrective Actions: Forensic Analysis Of Seized Devices, Review Of Physical And Network Security Protocols,
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Forensic Analysis Of Seized Devices, Review Of Physical And Network Security Protocols, .
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an GRU (Russian military intelligence agency and possibly Unit 29155).
Impact of the Incidents
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Removal of Raspberry Pi devices and forensic analysis.
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents ?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Importance of physical security for onboard networks, network segmentation, and monitoring for unauthorized devices.
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Strengthen network segmentation between office and operational systems, Conduct regular audits of onboard networks for anomalies, Enhance physical security measures for restricted-access areas on vessels, Improve detection of unauthorized hardware (e.g. and Raspberry Pi devices).
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Bloomberg and Le Parisien.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Physical access via Raspberry Pi devices.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/limit leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HappyDevs TempTool allows Stored XSS.This issue affects TempTool: from n/a through 1.3.1.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tormorten WP Microdata allows Stored XSS.This issue affects WP Microdata: from n/a through 1.0.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
Description
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in HappyDevs TempTool allows Retrieve Embedded Sensitive Data.This issue affects TempTool: from n/a through 1.3.1.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Description
A vulnerability has been found in Tenda FH1201 1.2.0.14(408). Affected is the function sprintf of the file /goform/SetIpBind. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.
Risk Information
cvss2
Base: 9.0
Severity: LOW
AV:N/AC:L/Au:S/C:C/I:C/A:C
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 7.4
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda_FH1201/SetIpBind/SetIpBind.md
- https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda_FH1201/SetIpBind/SetIpBind.md#reproduce
- https://vuldb.com/?ctiid.337689
- https://vuldb.com/?id.337689
- https://vuldb.com/?submit.719154
- https://www.tenda.com.cn/
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=gnvferries' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
