India’s drive to modernise and digitise its port infrastructure demands the urgent integration of robust cybersecurity measures, essential to safeguard trade continuity, national security, and operational resilience against rising cyber threats.
Image Source: MR.Cole_Photographer/via Getty Images
Ports lie at the heart of a nation’s economic activity, serving as crucial gateways to international markets and facilitating global trade. For India, the strategic location of its ports in the Indian Ocean connects it to over 150 nations across the globe, supporting the country’s potential to be a key maritime hub. Amid increasing digitisation of nearly all port operations, this critical infrastructure is exposed to newer threats, such as cyber ‘hacktivism’, espionage, ransomware, and other cybercrimes. This vulnerability is compounded by rising geopolitical tensions, particularly China’s growing presence in the Indian Ocean Region. In 2020, suspected Chinese hackers targeted two Indian ports, highlighting how cyber operations can serve as tools of intimidation. Such incidents underscore the risks posed by China’s growing digital influence in the maritime and critical infrastructure domains. During Operation Sindoor, India is reported to have encountered coordinated cyberattacks targeting critical infrastructure, including ports, allegedly conducted by state-backed hackers and ‘hacktivist’ groups.
Cybersecurity in India’s port infrastructure remains an under-addressed dimension of critical infrastructure protection. If India aims to modernise and develop mega ports, securing digital systems cannot be an afterthought.
Globally, cyberattacks on ports, such as the ransomware incidents at Japan’s Port of Nagoya in 2023, India’s Jawaharlal Nehru Port Terminal (JNPT) in 2017, and Portugal’s Port of Lisbon in 2022, have disrupted terminal operations, exposed critical data systems, and incurred substantial economic costs. A DNV Maritime Cyber Priority 2024/25 survey revealed that 31 percent of maritime professionals reported at least one cyberattack between October 2023 and October 2024, highlighting the growing intensity and complexity of the global cyber threat environment. Despite the scale and implications of such incidents, cybersecurity in India’s port infrastructure remains an under-addressed dimension of critical infrastructure protection. If India aims to modernise and develop mega ports, securing digital systems cannot be an afterthought.
India’s 12 major and 200 minor ports are vital in supporting the country’s shipping and trade. In recent years, the government has taken active steps to digitise port operations for greater efficiency. The ongoing digital transformation forms a crucial component of the broader “Port Modernisation” pillar under the Sagarmala Programme. This includes automation of port operations, Artificial Intelligence-driven logistics management, and real-time cargo tracking systems. Additionally, the Sagarmala Startup and Innovation Initiative (S2I2) aims to accelerate tech-driven innovation in green shipping, smart ports, and maritime logistics by supporting startups with funding, mentorship, and industry linkages. Under the Maritime India Vision 2030 (MIV 2030) and the Amrit Kaal Vision 2047, India aspires to develop mega ports, modern infrastructure, and transshipment hubs. Further efforts to digitise Indian port infrastructure include the launch of the Unified Logistics Interface Platform, which is an integrated system that helps stakeholders in logistics planning. A collaboration between the National e-Governance Division, under the Ministry of Electronics and Information Technology, and the Indian Ports Association (IPA) aims to push digital innovation in the maritime sector, particularly via advanced software development, adoption of emerging technologies, and capacity building.
With threat actors employing sophisticated tactics, such as Distributed Denial-of-Service (DDoS) attacks, spear-phishing, and Ransomware-as-a-Service to exploit vulnerabilities in port infrastructure, ensuring resilient port infrastructure demands a closer look at the existing maritime cybersecurity framework in India.
While technological developments enable seamless coordination and facilitate port operations, the convergence of Information Technology (IT) and Operational Technology (OT) systems has significantly expanded the attack surface. IT systems manage data and communication, while OT systems control physical operations, but their integration creates interconnected networks where an IT breach can cascade into OT operations. Supervisory Control and Data Acquisition (SCADA) systems, vital for alarm monitoring and power management, are exposed via IT networks, risking essential functions such as cargo and energy operations. This evolving digital landscape has attracted a range of malicious actors, particularly Advanced Persistent Threats (APTs), stealthy groups capable of long-term system infiltration. With threat actors employing sophisticated tactics, such as Distributed Denial-of-Service (DDoS) attacks, spear-phishing, and Ransomware-as-a-Service to exploit vulnerabilities in port infrastructure, ensuring resilient port infrastructure demands a closer look at the existing maritime cybersecurity framework in India.
India has begun laying the groundwork for a more secure maritime digital ecosystem through targeted partnerships, training initiatives, and regional cooperation. Notable among these is the Memorandum of Understanding (MoU) between IIT-Kanpur and the IPA to bolster port cybersecurity research and capacity building. The MoU focuses on implementing robust digital security controls and management systems, building cybersecurity skill sets among port authorities and operational teams, and designing comprehensive protection policies for the maritime sector. Workshops on port cybersecurity by Rashtriya Raksha University, Gandhinagar and the Indian Register of Shipping, and training programmes for port employees on cybersecurity awareness by the Cochin Port Authority show a growing recognition of the need to build institutional and human capacity to safeguard ports against emerging digital threats. Building on these domestic efforts, India has also pursued regional cooperation through platforms like the Colombo Security Conclave, fostering joint initiatives with Sri Lanka, the Maldives, and Mauritius. At the Conclave’s NSA-level meeting in March 2022, cybersecurity and critical infrastructure protection were established as key areas of focus. India also hosted a regional workshop on dark web threats and cyber forensics, underscoring its commitment to collective cyber resilience in the Indo-Pacific.
However, there remain significant gaps in India’s port cybersecurity framework. For instance, the MIV 2030 outlines port modernisation and digitisation but does not offer strategies for cybersecurity as a standalone pillar. On the legal front, India’s broad cyber law frameworks, such as the Information Technology Act, 2000, and the National Cyber Security Policy, 2013, address cybersecurity but lack a maritime-specific focus, unlike targeted efforts such as the United States’ National Maritime Cybersecurity Plan, 2020, or the United Kingdom’s National Strategy for Maritime Security, 2022. National initiatives, including CERT-In’s incident response mechanisms, the Cyber Swachhta Kendra, and the Indian Cyber Crime Coordination Centre, while crucial for strengthening overall digital resilience, do not provide tailored frameworks or operational protocols specific to port infrastructure.
Europe’s major oil terminals, the Port of London Authority in the UK, and the Port of Lisbon in Portugal experienced severe operational and data compromises. India was not immune.
These gaps are particularly alarming in light of the escalating frequency and sophistication of cyberattacks targeting critical infrastructure globally. Over the past five years, key ports including Marseilles in France, Shahid Rajaee in Iran, Hormuz in the Persian Gulf, Kennewick in the US, and South Africa’s major ports have faced ransomware and malware attacks. Europe’s major oil terminals, the Port of London Authority in the UK, and the Port of Lisbon in Portugal experienced severe operational and data compromises. India was not immune. February 2022 saw a ransomware attack targeting the JNPT in Maharashtra, disrupting its management information systems. In 2023, a breach at DP World, Australia’s largest port operator, resulted in a three-day operational shutdown, disrupting nearly 40 percent of the country’s inbound and outbound goods movement.
These incidents reveal a broader pattern: as ports undergo rapid digital transformation, their exposure to cyber risks increases significantly. Without robust cybersecurity mechanisms in place, cyberattacks have the potential to disrupt critical navigation, monitoring, and control systems. In more severe cases, a well-coordinated cyberattack could disrupt military logistics, cripple trade networks, or manipulate cargo data for smuggling and illicit trade. Addressing these shortcomings requires a coordinated policy push, institutional reforms, and capacity-building measures aimed at strengthening port-specific cyber resilience.
To effectively tackle cyberthreats to ports, India must treat maritime cybersecurity as a separate domain, developing comprehensive policies that include structured incident response mechanisms, regular risk assessments, and clear guidelines to ensure a secure and resilient digital environment across its port infrastructure. Policy responses should start with the development and enforcement of dedicated cybersecurity regulations tailored to port management systems. The National Cybersecurity Strategy provides a strong footing to develop a maritime cybersecurity strategy. Aligning with established international standards, such as the International Maritime Organisation’s Maritime Cyber Risk Management Guidelines, can institutionalise clear and uniform security protocols across maritime operations. India’s Maritime Amrit Kaal Vision 2047 further reinforces this need by identifying cybersecurity as a key enabler of port modernisation and resilient logistics. It outlines concrete steps such as conducting regular cybersecurity audits, consultancy services for cybersecurity and related domains, and enhancing security monitoring infrastructure, offering a functional roadmap to embed cyber resilience in India’s evolving port ecosystem.
To effectively tackle cyberthreats to ports, India must treat maritime cybersecurity as a separate domain, developing comprehensive policies that include structured incident response mechanisms, regular risk assessments, and clear guidelines to ensure a secure and resilient digital environment across its port infrastructure.
Technological measures should focus on enhancing IT and OT infrastructure, incorporating advanced threat detection and response capabilities, and enforcing strict access protocols. Regular security audits and vulnerability assessments are essential for identifying potential risks and ensuring the resilience of port infrastructure against evolving cyber threats. Additionally, robust incident response, vulnerability reporting, and clear recovery plans are key to minimising the impact of cyber breaches and ensuring operational continuity. Strengthening the cybersecurity capabilities of port personnel is also essential and requires practical, simulation-based training. Such training should cover technical and procedural measures for preventing cyber breaches, as well as effective response strategies to minimise operational disruptions. Importantly, capacity-building efforts must extend beyond cybersecurity professionals to include regular users of digital systems within ports. Alongside these measures, deepening international cooperation among the Indo-Pacific countries can serve as a force multiplier for strengthening cybersecurity across the region’s maritime infrastructure.
A sustained focus on strengthening port security infrastructure is critical to safeguarding the maritime sector from evolving digital threats. As India builds next-generation port infrastructure, cyber resilience must become a strategic imperative, fully embedded in national maritime and digital policies.
Anusha Guru is a Research Intern at the Observer Research Foundation.
The views expressed above belong to the author(s). ORF research and analyses now available on Telegram! Click here to access our curated content — blogs, longforms and interviews.
PREV
