IRISL Group A.I CyberSecurity Scoring
IRISL Group
Company Information
Website:http://www.irisl.net
Employees number:1,582
Number of followers:0
NAICS:
Industry Type:Maritime
Homepage:irisl.net
IRISL Group Risk Score (AI oriented)
Between 800 and 849
IRISL GroupMaritime
Updated:
23/03/2026
23/03/2026
831/1000
Good
A
IRISL Group Global Score (TPRM)
xxxx
IRISL GroupMaritime
Score locked

IRISL GroupGood
Current Score
831A (GOOD)
01000
1 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
832
JUNE 2026
832
MAY 2026
832
APRIL 2026
832
MARCH 2026
831
FEBRUARY 2026
831
JANUARY 2026
831
DECEMBER 2025
831
NOVEMBER 2025
831
OCTOBER 2025
831
SEPTEMBER 2025
830
AUGUST 2025
761
MARCH 2025
837
Cyber Attack
18 Mar 2025 • IRISL Group
Islamic Republic of Iran Shipping Lines and Fanava Group: Center for International Maritime Security
Coordinated Cyberattack on Iranian Maritime Fleet via Fanava Group Compromise
829
CRITICAL-8
FANIRI1774284457
Cybersecurity Threat: The Maritime Fleet as an Unwitting Intelligence Network
In March 2025, a coordinated cyberattack by the group Lab Dookhtegan disabled satellite communications for 116 Iranian state-owned vessels, including those operated by the National Iranian Tanker Company (NITC) and Islamic Republic of Iran Shipping Lines (IRISL). The attackers compromised Fanava Group, an Iranian satellite and IT provider, gaining root-level access to VSAT terminals across the fleet. While the attack severed ship-to-shore links and disabled Automatic Identification System (AIS) tracking, the breach also provided adversaries with real-time vessel positions, voice communications, and data traffic demonstrating how maritime infrastructure can function as an unintentional intelligence-gathering platform.
### A Global Network of Exploitable Data
Modern commercial vessels operate as distributed sensor networks, broadcasting exploitable data through VSAT terminals, AIS transponders, GNSS systems, and onboard Wi-Fi. Despite IMO Resolution MSC.428(98), which mandates cyber risk management, enforcement remains weak. Industry guidelines, such as those from BIMCO, highlight persistent vulnerabilities:
- Fragmented accountability among owners, management companies, and crews.
- Legacy systems with unsupported software.
- Minimal cybersecurity oversight from classification societies and port authorities.
The barrier to access is alarmingly low. Security researchers have demonstrated that default credentials (e.g., "admin/1234") can grant entry to vessel satellite systems no advanced exploits required.
### Intelligence Collection Without Deployment
Adversaries no longer need dedicated SIGINT platforms; the commercial fleet provides passive collection opportunities at scale:
- Communications interception: Unencrypted VSAT traffic exposes voice calls, emails, and data transfers.
- Location tracking: AIS broadcasts real-time vessel positions, while voyage histories reveal movement patterns.
- Physical proximity: Vessels routinely anchor near naval bases, undersea cables, and strategic chokepoints, enabling passive surveillance.
- Supply chain compromise: A single breach (e.g., Fanava Group) can grant access to hundreds of vessels simultaneously.
Recent incidents underscore the threat:
- March 2026: The French aircraft carrier Charles de Gaulle was tracked via Strava fitness data from a sailor’s smartwatch.
- 2025: Mustang Panda (China) and SideWinder APT (South Asia) targeted maritime firms in Norway, Greece, Egypt, and Vietnam.
- 2023-2024: Ransomware attacks disrupted Lürssen (shipbuilder), Brunswick Corporation ($85M loss), and MarineMax (123,000 records exfiltrated).
### Strategic Geography & Adversary Exploitation
Commercial vessels transit high-value intelligence zones, including:
- Mediterranean: NATO/Russian operations and energy transit routes.
- Arabian Gulf/Red Sea: Critical infrastructure and naval operations.
- Indo-Pacific: South China Sea, Malacca Strait, and waters near Taiwan and Australia’s submarine communications hubs.
China’s maritime militia embeds intelligence personnel on fishing and merchant vessels, while Russia’s Yantar spy ship surveils undersea cables. Unlike state-run programs, the unwitting fleet requires no deployment just exploitation of existing vulnerabilities.
### Implications for Defense & Intelligence
The maritime sector’s cybersecurity gaps extend beyond operational disruption they enable adversary intelligence collection by default. Naval and intelligence communities must:
- Monitor commercial vessels near defense installations.
- Strengthen supply chain security for VSAT providers and navigation systems.
- Integrate maritime cyber threats into threat assessments and exercises.
The commercial fleet is not just vulnerable it is already functioning as adversary infrastructure, radiating data across strategic waters with minimal security. The challenge is no longer preventing access but recognizing the scale of exposure.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for IRISL Group ??
What was IRISL Group's A.I Rankiteo Cyber Score in June 2026 ??
What was IRISL Group's A.I Rankiteo Cyber Score in May 2026 ??
What was IRISL Group's A.I Rankiteo Cyber Score in April 2026 ??
What was IRISL Group's A.I Rankiteo Cyber Score in March 2026 ??
What was IRISL Group's A.I Rankiteo Cyber Score in February 2026 ??
What was IRISL Group's A.I Rankiteo Cyber Score in January 2026 ??
What was IRISL Group's A.I Rankiteo Cyber Score in December 2025 ??
What was IRISL Group's A.I Rankiteo Cyber Score in November 2025 ??
What was IRISL Group's A.I Rankiteo Cyber Score in October 2025 ??
What was IRISL Group's A.I Rankiteo Cyber Score in September 2025 ??
What was IRISL Group's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on IRISL Group's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with IRISL Group ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view IRISL Group's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?