Not a day goes by without hearing about cyberattacks wreaking havoc for organisations and consumers around the world and the shipping and marine sectors are no exception.

Marinelink’s Security Operations Centre (SOC) report is quick to point out that for the second half of 2024, cybercriminals targeting the maritime sector have streamlined their tactics, enhanced their operational efficiency and worse, adopted emerging technologies to expand their attack capabilities.

Maritime intelligence company, Pole Star Global explains that Automatic Identification System (AIS) spoofing and GPS jamming are frequently used techniques that provide a false idea of ship locations while at sea and so it makes the case for using more effective persistent tracking methods.

But how should warship design and technology evolve to remain operational under GNSS denial, AIS spoofing, or degraded positioning environments?

“Today's warfighters train extensively in GNSS-denied environments and already navigate using layered methods: Inertial systems, celestial techniques and traditional seamanship, all feeding into combat management systems that fuse multiple PNT sources,” explains Alex Field, managing director, Pole Star Defense.

“But the evolution needed is threefold. First, broaden the PNT portfolio as emerging technologies like automated celestial navigation, magnetic anomaly navigation and eLoran reach maturity. Second, adopt open modular architectures so ships can integrate new PNT sources without redesign. Third, treat AIS as adversarial data and harden the recognised maritime picture through multi-sensor fusion with confidence scoring.”

Alex Field, managing director of Pole Star Defense

Design implications

Field explains that there are design implications arising from adopting persistent, multi-source vessel tracking onboard naval platforms.

Persistent, multi-source vessel tracking creates tension across several design dimensions.

Every active sensor improves the track picture but increases the ship's electromagnetic signature. Emissions Control (EMCON) becomes a first-order design consideration, favouring passive sensors like Electronic Support Measures (ESM) and electro-optical/infrared (EO/IR) systems that maintain situational awareness without broadcasting the ship's position.

“Fusing continuous data from radar, ESM, EO/IR, AIS and off-board sources demands significant onboard compute and cooling that legacy platforms were not designed to provide,” he says.

“Software-defined, modular computing architectures need to be designed in from the outset on newbuilds.

He explains that the combat management system must automatically correlate tracks across sensors, assign confidence scores and flag anomalies, particularly when AIS contradicts radar or EO/IR observations. AI and machine learning are increasingly applied to this correlation problem.

Sharing the fused picture across a task group requires bandwidth that may itself be contested. Each platform must therefore maintain a credible local picture independently and reconcile when connectivity is restored.

“The overarching design shift is treating tracking as an information architecture problem rather than a sensor problem: Open data architectures that decouple sensors from processing, allowing new sources and algorithms to be integrated without hardware changes,” Field says.

Reshaping shipboard systems

Field says cyber resilience is reshaping shipboard system architecture from perimeter defence to assuming compromise.

Zero trust principles, continuous verification of every user, device and data flow, are being adopted across Navy networks.

Initial implementation focuses on shore infrastructure and unmanned platforms, with extension to manned warship combat networks still maturing.

The complexity of legacy systems, real-time operational demands and Denied, Disrupted, Intermittent and Limited (DDIL) connectivity make this a significant engineering challenge.

Software-defined warships expand the attack surface. Over-the-air combat system updates are operationally transformative but demand rigorous supply chain assurance as commercial hardware and third-party code replace bespoke, air-gapped systems.

“Network segmentation must isolate combat systems, navigation, propulsion and damage control so breaches cannot cascade laterally. Systems must degrade gracefully under cyberattack in known, predictable ways that crews can manage, mirroring how damage control doctrine handles kinetic battle damage,” Field says.

Architectural discipline

Cyber survivability is now a naval architectural discipline equivalent to damage stability or shock resistance.

The DOD's System Survivability Key Performance Parameter, one of four mandatory KPPs for all weapon systems, includes a Cyber Survivability Endorsement that places cyber threats in the same acquisition trade space as kinetic ones.

On the commercial side, IACS unified requirements E26 and E27, mandatory for new construction contracts from July 2024, codify cyber resilience as a classification requirement alongside structural and stability standards.

“But the harder question is whether practice matches policy. Damage stability and shock resistance benefit from decades of test data, mature modeling tools and deeply ingrained design culture,” says Field.

“Cyber survivability is newer, the threat evolves faster than ship design cycles and testing a ship's cyber resilience under realistic conditions is inherently more complex than a shock trial. The formal discipline exists. Building the same depth of rigor and instinct around it is still work underway.”

Future bridge systems

Field says that cyber threats will continue to reshape bridge design around one core problem into the future: The operator can no longer implicitly trust what the screens are showing.

“Traditional bridge integration assumes sensor data is reliable. A cyber-compromised bridge may display spoofed positions, false contacts, or manipulated propulsion data and the danger is that operators act on it without recognising the tampering, says Field.

This drives several design implications. Displays need data integrity indicators that flag when inputs are inconsistent or potentially compromised, making the trustworthiness of data visible to the operator, not just the data itself. Manual fallback must be genuinely operable, not theoretically available.

And the deeper Human-Machine Interface (HMI) challenge is cognitive: Designing ship bridge interfaces that help operators recognise when they're being deceived rather than simply presenting data faster and in higher resolution.