Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
IRISL Group

IRISL Group Vendor Cyber Rating & Cyber Score

irisl.net

Islamic Republic of Iran Shipping Lines was established in 1967 and commenced its commercial operation by employing two home trade vessels and 4 larger ocean going vessels. Presently, IRISL Group with around half a century experience in worldwide marine transportation field and employing a reliable international network is well-known to its clients as their global partner, capable in performing a wide spectrum of services and steps up beyond expectation of customers. Fleet By employing a range of vessels with diversity in type and tonnage, meets market demands appropriately in main international shipping routes and allocates part of its tonnage efficiently for Door-to-Door services as well as cargo operation in major renowned ports all


IRISL Group A.I CyberSecurity Scoring

IRISL Group
Company Information
Website:http://www.irisl.net
Employees number:1,582
Number of followers:0
NAICS:
Industry Type:Maritime
Homepage:irisl.net
IRISL Group Risk Score (AI oriented)
Between 800 and 849
logo
IRISL GroupMaritime
Updated:
23/03/2026
831/1000
Good
A
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
IRISL Group Global Score (TPRM)
xxxx
logo
IRISL GroupMaritime
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

IRISL Group
IRISL GroupGood
Current Score
831A (GOOD)
01000
1 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
832Before Incident
JUNE 2026
832Before Incident
MAY 2026
832Before Incident
APRIL 2026
832Before Incident
MARCH 2026
831Before Incident
FEBRUARY 2026
831Before Incident
JANUARY 2026
831Before Incident
DECEMBER 2025
831Before Incident
NOVEMBER 2025
831Before Incident
OCTOBER 2025
831Before Incident
SEPTEMBER 2025
830Before Incident
AUGUST 2025
761Before Incident
MARCH 2025
837Before Incident
Cyber Attack
18 Mar 2025IRISL Group
Islamic Republic of Iran Shipping Lines and Fanava Group: Center for International Maritime Security

Coordinated Cyberattack on Iranian Maritime Fleet via Fanava Group Compromise

829After Incident
CRITICAL-8
FANIRI1774284457
Cybersecurity Threat: The Maritime Fleet as an Unwitting Intelligence Network In March 2025, a coordinated cyberattack by the group Lab Dookhtegan disabled satellite communications for 116 Iranian state-owned vessels, including those operated by the National Iranian Tanker Company (NITC) and Islamic Republic of Iran Shipping Lines (IRISL). The attackers compromised Fanava Group, an Iranian satellite and IT provider, gaining root-level access to VSAT terminals across the fleet. While the attack severed ship-to-shore links and disabled Automatic Identification System (AIS) tracking, the breach also provided adversaries with real-time vessel positions, voice communications, and data traffic demonstrating how maritime infrastructure can function as an unintentional intelligence-gathering platform. ### A Global Network of Exploitable Data Modern commercial vessels operate as distributed sensor networks, broadcasting exploitable data through VSAT terminals, AIS transponders, GNSS systems, and onboard Wi-Fi. Despite IMO Resolution MSC.428(98), which mandates cyber risk management, enforcement remains weak. Industry guidelines, such as those from BIMCO, highlight persistent vulnerabilities: - Fragmented accountability among owners, management companies, and crews. - Legacy systems with unsupported software. - Minimal cybersecurity oversight from classification societies and port authorities. The barrier to access is alarmingly low. Security researchers have demonstrated that default credentials (e.g., "admin/1234") can grant entry to vessel satellite systems no advanced exploits required. ### Intelligence Collection Without Deployment Adversaries no longer need dedicated SIGINT platforms; the commercial fleet provides passive collection opportunities at scale: - Communications interception: Unencrypted VSAT traffic exposes voice calls, emails, and data transfers. - Location tracking: AIS broadcasts real-time vessel positions, while voyage histories reveal movement patterns. - Physical proximity: Vessels routinely anchor near naval bases, undersea cables, and strategic chokepoints, enabling passive surveillance. - Supply chain compromise: A single breach (e.g., Fanava Group) can grant access to hundreds of vessels simultaneously. Recent incidents underscore the threat: - March 2026: The French aircraft carrier Charles de Gaulle was tracked via Strava fitness data from a sailor’s smartwatch. - 2025: Mustang Panda (China) and SideWinder APT (South Asia) targeted maritime firms in Norway, Greece, Egypt, and Vietnam. - 2023-2024: Ransomware attacks disrupted Lürssen (shipbuilder), Brunswick Corporation ($85M loss), and MarineMax (123,000 records exfiltrated). ### Strategic Geography & Adversary Exploitation Commercial vessels transit high-value intelligence zones, including: - Mediterranean: NATO/Russian operations and energy transit routes. - Arabian Gulf/Red Sea: Critical infrastructure and naval operations. - Indo-Pacific: South China Sea, Malacca Strait, and waters near Taiwan and Australia’s submarine communications hubs. China’s maritime militia embeds intelligence personnel on fishing and merchant vessels, while Russia’s Yantar spy ship surveils undersea cables. Unlike state-run programs, the unwitting fleet requires no deployment just exploitation of existing vulnerabilities. ### Implications for Defense & Intelligence The maritime sector’s cybersecurity gaps extend beyond operational disruption they enable adversary intelligence collection by default. Naval and intelligence communities must: - Monitor commercial vessels near defense installations. - Strengthen supply chain security for VSAT providers and navigation systems. - Integrate maritime cyber threats into threat assessments and exercises. The commercial fleet is not just vulnerable it is already functioning as adversary infrastructure, radiating data across strategic waters with minimal security. The challenge is no longer preventing access but recognizing the scale of exposure.
INCIDENT DETAILS -
TYPE
Cyber Espionage, Supply Chain Attack
MOTIVATION
Intelligence collection, disruption of maritime operations
IMPACT
Data Compromised: Real-time vessel positions, voice communications, data trafficSystems Affected: VSAT terminals, AIS transponders, satellite communicationsDowntime: Ship-to-shore communications disabledOperational Impact: Loss of AIS tracking, disrupted maritime operations
DATA BREACH
Type Of Data Compromised: Vessel positions, voice communications, data trafficSensitivity Of Data: High (real-time intelligence)Data Exfiltration: Yes

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for IRISL Group ?
?
What was IRISL Group's A.I Rankiteo Cyber Score in June 2026 ?
?
What was IRISL Group's A.I Rankiteo Cyber Score in May 2026 ?
?
What was IRISL Group's A.I Rankiteo Cyber Score in April 2026 ?
?
What was IRISL Group's A.I Rankiteo Cyber Score in March 2026 ?
?
What was IRISL Group's A.I Rankiteo Cyber Score in February 2026 ?
?
What was IRISL Group's A.I Rankiteo Cyber Score in January 2026 ?
?
What was IRISL Group's A.I Rankiteo Cyber Score in December 2025 ?
?
What was IRISL Group's A.I Rankiteo Cyber Score in November 2025 ?
?
What was IRISL Group's A.I Rankiteo Cyber Score in October 2025 ?
?
What was IRISL Group's A.I Rankiteo Cyber Score in September 2025 ?
?
What was IRISL Group's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on IRISL Group's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with IRISL Group ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view IRISL Group's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?