Marlink report reveals evolving cyber risk driven by user credentials and human error
According to Marlink’s new Cyber Intelligence Report for Remote Operations 2026, IT/OT convergence is further expanding exposure across digitalized operations on ships and industrial sites in remote environments on land.
In 2025, 60% of assessed sites relied on shared infrastructure, over 70% had undocumented or poorly secured connections, and 30-40% of OT assets were initially unknown or unmanaged. These gaps are increasingly exploited through trusted access rather than malware.
The human factor remains a critical focus in cybersecurity. Phishing simulations showed that 20% of users clicked malicious links and 11% disclosed credentials, while only 11% reported incidents. Ransomware continues to scale, with incidents detected across Marlink-monitored environments rising from 5,740 in 2024 to 7,793 in 2025. More than half of these incidents targeted transportation, energy and manufacturing. In maritime environments, 82% of alerts were concentrated in crew network zones, reinforcing user-facing systems as the primary attack surface.
Read more at Marlink