Dozens, mostly automated, DDOS cyberattacks* accepts the port of Thessaloniki each month, while targeting phishing ** and massive mission of malicious emails, as the Director of Information Technology and Communications and Communications Technologies and Digital Technologies. It is certainly not the only thing: ports around the world often go on target cyberattacks, as their critical role in international trade and high levels of digitization of their services open the “appetite” of cybercriminals, including ransom claims. As a result, in recent years, there have been financial losses in hundreds of millions of euros worldwide and thousands of containers have occasionally been trapped for days.

“At the national level, we know that DDOS attacks by groups such as” Noname057 “have also targeted the port of Thessaloniki in 2024,” Mr Nikolaou emphasized. How does the port of Thessaloniki deal with this new generation challenge? “The investments of the Port Authority of Thessaloniki (OLTH SA) in cyber security in recent years have increased steadily (…). Today, expenditure on technologies, services and cyber security training amounts to about 10% -12% of the annual budget for IT (IT technologies), with continuous adjustment, according to developments in threats and regulatory requirements, such as the NIS2 Directive, ”notes Mr Nikolaou.

Asked about how quickly the port’s operation could be restored, in the event of a successful cyberspace, he replies: “We have developed and tried extensively business continuity and rehabilitation plans (BCP/DRP), which allow us to restore the critical functions of the port within a few hours. Secondary services may take extra time, but our goal is to minimize the impact on customers and load flow, ensuring our contribution to the national and regional supply chain. ” The port, he says, supports its defense on multilevel technologies, regular rehabilitation exercises, continuous staff training and cooperation with competent public authorities, applying ‘Zero-Trust’ (zero-confidence) and two-factor authentication.

‘Rain’ of cyberattacks, after ‘Notpetya’

When our discussion with Mr Nikolaou opens in the world landscape, the huge size of the problem is immediately felt. For the last six-seven years, he notes, the shipping sector has increased by a range of size (~ 10 ×) in the reported incidents of cyberattacks, compared to the period before the 2017 incident with the stroke of the malicious software “Notpetya”. “Although the rate of growth is reduced by three -digit to double -digit rates, the level of threat remains significantly high. A striking example is the attack on the “DP World Australia” in November 2023, which caused almost a three -day interruption of operations in four ports, a delay in trafficking more than 30,000 containers, affecting hundreds of customers and causing financial loss of tens of million.

Similarly, the port of Los Angeles suffered a serious ransomware *** attack, with a long day of systems interruption, delays in thousands of loads and losses of more than $ 10 million, and the case of “Maersk”, which in 2017 was affected by more than $ 76 and more than $ 76 and more than $ 76 and more than $ 76. terminals around the world. These incidents highlight the high degree of danger to port infrastructure and the need to strengthen their cyber security in order to ensure the smooth flow of world trade and customer protection.

Customs, container stations and passenger stations The dominant goals of cyberattacks in ports

Today, explains Mr. Nikolaou, the dominant forms of cyberattacks in the ports are ransomware attacks and data violations, and there are often denial attacks (DOS) or others, utilizing artificial intelligence (TN), with the aim of interrupting business processes or businesses. They mainly focus on interconnected logistics, shipping and communication management systems, seeking to cause delays, interruptions and significant financial losses.

The main objectives of these attacks are customs systems, container stations, which are the “heart” of logistics, as well as passenger stations, affecting ticket and service systems. “Ports now recognize the importance of cyber security for world trade and are constantly investing in protection measures to ensure their smooth operation and protection of their customers and infrastructure,” Mr Nikolaou said.

The NIS2 **** Community Directive, in force since October 2024, increases the obligations of cyber security “essential” organizations such as OLTH, imposing rigorous risk management measures, incident reporting within 24-72 hours, control of the supply chain and administrative responsibilities. OLTH, with a roadmap of compliance since 2023, has already updated the Business Continuity and Incident Response, conducts vulnerability, trains staff and administration, and upgrades threatening detection systems (Siem, SOC).