Maritime Computer Emergency Response Team ADMIRAL dataset ADMIRAL dataset

Welcome to ADMIRAL,
the five-star maritime cybersecurity incidents dataset!

ADMIRAL stands for Advanced Dataset of Maritime cyber Incidents ReleAsed for Literature. ADMIRAL was created 7 years ago, in 2017, to centralize disclosed cybersecurity incidents in the maritime sector for education, research, and awareness raising activities or risk and threat assessment in the maritime cybersecurity sector.

As always with figures, please be cautious when elaborating trends or facts from this data. Despite all our hard work, we only put here publicly disclosed incidents. There can be biases, due to the quality, diversity and precision of sensors. This is, by no mean, a realtime dataset of what is happening now! Most of our data is not shown here, either because we don't trust the sources or don't want to quote them, but also because most of our activity is to anticipate, prevent incidents and coordinate response. Of course, we shall never disclose any privately reported incidents and we do respect the Traffic Light Protocol, as well as the protection of sources.

The purpose of this dataset is not to point fingers at the maritime sector, its actors, manufacturers, etc. On the contrary, we are helping them on a daily basis fighting adverse cyber activities. But they need a wide support to enhance their cybersecurity resilience and defense in depth. The names of the victims are given using public references (e.g. articles). We will never quote the name of a victim if it has not been made public.

It is maintained by the team of the Maritime Computer Emergency Response Team (M-CERT) operated by France Cyber Maritime non-profit organization fostering over 90 public and private bodies in maritime cybersecurity in France.

As of today, the ADMIRAL dataset contains 473 publicly disclosed maritime cybersecurity incidents, starting in 1980 and until 2024. It gathers 16 different incident types which occurred in 64 countries, impacting 22 maritime activities subsectors. It also contains 550 external references (such as press articles) for further thorough analysis by researchers.

You can explore our dynamic map, our global statistics page, our statistics by (geographic) continent, by country, by year, by threat, and by activity. You can also explore our dataset by starting by a random incident.

You can also use:

We hope this data and the work behind will be valuable to you. If they are, please respect the data source, the ethics behind, the people working on it, and take into account the contribution policy, license and reuse rules as stated on our Gitlab repository.

Last incidents added to the ADMIRAL dataset

Date (DD/MM/YYYY) Country Type Target Incident detail
24/9/2024 US Virus/Ransomware Industry To be disclosed
27/8/2024 US Virus/Ransomware Logistics To be disclosed
24/8/2024 US Undisclosed Leasure To be disclosed
20/8/2024 US Undisclosed Offshore To be disclosed
3/7/2024 ES Intrusion Offshore To be disclosed
2/7/2024 SG Intrusion Industry To be disclosed
17/6/2024 DE Virus/Ransomware Industry To be disclosed
17/6/2024 US Virus/Ransomware Industry To be disclosed
16/6/2024 PH Undisclosed Industry To be disclosed
27/5/2024 BG Denial of service Administration To be disclosed
Files generated on Tuesday, 29th October 2024.
ADMIRAL is licensed under the Creative Commons CC-BY-NC license. Copyright © France Cyber Maritime 2024.