Russian Military Hackers Suspected in Cyber Intrusion Targeting MSC Ferry European investigators are examining a suspected cyber intrusion by Russian military hackers targeting a ferry operated by MSC-Mediterranean Shipping Company SA, the world’s largest container shipping group. The incident occurred over the weekend in the southern French port of Sète, where the vessel—part of MSC’s Grandi Navi Veloci unit—was immobilized on Saturday as authorities assessed potential risks to operational systems. The ferry resumed its voyage to Algeria on Sunday after confirming no critical systems were compromised. The breach attempt, which remains under investigation by French and Italian officials, is believed to be linked to Russia’s GRU military intelligence agency. Forensic analysis reportedly identified overlaps in tactics, techniques, and procedures (TTPs) with previous GRU operations, including those publicly attributed to Unit 29155 by U.S. agencies like the FBI and CISA. No official attribution has been made, and the Kremlin has not responded to requests for comment. The attack targeted the ferry’s office computer network, aiming to impersonate legitimate users, but failed to penetrate operational systems—such as navigation, propulsion, or the Automatic Identification System (AIS)—due to network segregation and restricted remote access. Investigators noted that while sabotage was averted, the incident underscores vulnerabilities in maritime cybersecurity, particularly the risk of physical access attacks for surveillance or long-term infiltration. This is not the first attempt against the vessel. In November, a Raspberry Pi device—a concealed miniature computer—was discovered connected to a shipboard system in a restricted area, triggering security alerts. A second device, found last week and paired with a cellular modem for remote access, was seized for forensic analysis. Authorities suspect a third device may still be active on another ship. The incident highlights growing concerns over cyber threats to global maritime trade, which carries the majority of world commerce. Disruptions in shipping networks could have cascading effects on supply chains, critical infrastructure, and sensitive military or commercial movements. While this attack was contained, it reflects a broader pattern of state-sponsored cyber espionage targeting high-value logistics assets.