
(Posted on 03/07/26)
Major maritime, ports and energy companies have been identified by Cydome’s threat-intelligence unit as having Fortinet Firewall passwords and logins leaked in the recent “FortiBleed” incident.
More than 86,000 Administrator credentials of Fortinet Firewalls and other devices protecting the networks of thousands of organisations across 194 countries were breached, with hackers gaining unauthorised access to the Fortinet devices and enabling them to further compromise the target networks and data.
Cydome research shows that the leak, which is estimated to represent 50% of all internet-reachable FortiGate devices, also included 703 satellite-linked IP addresses associated with maritime satcom service providers.
Of the 250+ maritime firms found to be impacted by the incident, most were shipowner/management companies, and “consistent with FortiBleed hitting the operational core of maritime trade, not just back-office IT,” said Cydome founder and CEO Nir Ayalon.
“Although we are still monitoring the extent of FortiBleed on the industry, of all maritime-related logins leaked, 41.5% were shipping and freight companies, 31.2% were offshore contractors and service companies, 10.7% newbuild and repair yards, and 6.7% were Port Authorities and logistics firms.
“The team found that 87% of Fortinet devices exposed to the internet still had internet-facing management interfaces available, while 63% of harvested credentials related to default or built-in administrator accounts that had never been renamed.
“This suggests that many organisations have not yet taken the steps needed to fully secure affected systems… probably because they don’t know they have been hacked, yet!” said Ayalon.
FortiBleed differs from many cyber incidents because it is not based on a newly discovered software vulnerability. Instead, it exploits older administrator credentials that remained vulnerable after software upgrades.
In many cases, organisations updated their systems but did not take all the necessary steps to fully replace and discard legacy passwords, allowing attackers to recover valid credentials and test them against live devices - even after the Fortinet software patch.
Commenting on the seriousness of the incident, Cydome co-founder and VP R&D Alon Ayalon said it has already prompted action from the U.S. Cybersecurity and Infrastructure Security Agency (CISA)
“We urge organisations to follow the CISA guidance and terminate active administrator and VPN sessions, reset passwords, enable multi-factor authentication and investigate systems for signs of unauthorised access.”
Appearing in the FortiBleed dataset does not necessarily mean an organisation is compromised. “But it does indicate that credentials associated with its network security infrastructure have been exposed and should be treated as a potential vulnerability,” said the VP R&D.
"Shipping is one of the world's most connected industries, and that connectivity is essential for efficient operations," he said.
Algoma Central Corporation, a leading provider of marine transportation services, has announced that... Read more
As the global shipping industry faces mounting concerns over future crew availability, Danica Crewing... Read more
Following an attack on a vessel in the Gulf of Oman, IMO has decided to temporarily pause its evacuation... Read more
Leading health and wellness platform OneCare Group is calling on shipping leaders to recognise the immense... Read more
NorthStandard will partner maritime welfare charity Sailors’ Society to support seafarers&rsquo... Read more
The International Marine Contractors Association (IMCA) has reminded vessel owners and operators of... Read more
AI is promising enormous benefits for the maritime industry. However, as shipping embraces digitalisation... Read more
DNV has published a recommended practice (RP) providing a standardised framework for measuring and verifying... Read more
ClassNK has announced that it has earned authorisation from the French Government (Directorate general... Read more
ESL Shipping is to integrate its subsidiary AtoB@C Shipping into a unified ESL Shipping brand.... Read more