Ciberseguridad en el Mediterráneo: Forjar un escudo digital para un región vital

Cybersecurity in the Mediterranean: Building a digital shield for a vital region

ANALYSIS

26 | 06 | 2025

Texto

Lack of state capacity and a dysfunctional regulatory framework force the search for joint solutions

In the picture

View of the port of Barcelona [Port de BCN].

In the digital era in which we live, cybersecurity has become a fundamental pillar for the development and stability of strategic regions such as the Mediterranean. Characterized by its intense economic, political and cultural activity, this area faces unique challenges in the digital domain that require urgent and coordinated attention. The protection of critical infrastructure, sensitive data and communication systems is a priority for governments, businesses and citizens throughout the Mediterranean basin.

Cybersecurity is defined by the International Telecommunication Union as the preservation of the confidentiality, integrity and availability of information in cyberspace. This concept includes a set of tools, policies, security concepts, safeguards, guidelines, risk management methods, training actions, best practices, insurance and technologies that can be used to protect an organization's assets and users in the digital environment. On the other hand, the European Union defines it as "the activities necessary to protect networks and information systems, the users of these systems and others affected by cyber threats".

The importance of cybersecurity is intensifying given the increasing digitization of companies and territories. Digital transformation has brought with it both new opportunities and increased vulnerability to cyber threats. Protecting critical information and systems is now an inescapable necessity to ensure the stability and progress of the area.

In the Mediterranean, increased digitization has led to an exponential increase in cyber threats, which are now more sophisticated and harder to detect. The maritime, port or logistics sectors, essential to the region's Economics , are facing increasing risks, from ransomware attacks capable of paralyzing port operations to information theft, the consequences of which can be devastating for the region.

Thus, cybersecurity can no longer be understood as a luxury, but as a fundamental necessity for states and organizations. Investing in cyber defense capabilities, developing appropriate legal frameworks and fostering international cooperation is essential to mitigate risks and ensure security in cyberspace.

Digital Mediterranean: A sea of threats

The Mediterranean faces a number of cyber threats that complicate its stability and prosperity. Such threats range from attacks on critical infrastructure to the use of the internet by terrorist groups, and require a coordinated and proactive response.

One of the main concerns is the protection of critical infrastructures in the area, such as ports, fiber optic cables and, especially, communications hubs. Mediterranean ports playa fundamental role in international trade and energy security, and are a core topic for the stability and prosperity of the entire region. Disruption of operations in these ports can have serious consequences, both economic and geopolitical. It is not surprising, therefore, that the European Union Agency for Cybersecurity, ENISA, has highlighted the importance of European ports addressing new cyber threats to ensure the integrity of their operations.

Critical infrastructures are vulnerable to many types of attacks. As an example, in 2018, the port of Barcelona suffered a 'ransomware' attackthat affected several of its servers. Although in this case maritime operations were not compromised, the incident forced the activation of contingency plans and highlighted vulnerabilities in the IT systems of one of the most important port infrastructures in the Mediterranean, revealing the need to improve cybersecurity measures in ports; although the organization managed to contain the impact of the attack, the incident demonstrated that even well-established critical infrastructures can be vulnerable to cyber threats.

Another case of similar seriousness took place in October 2022, when physical sabotage occurred on fiber optic cables near Marseille, France. This attack, suspected to have been deliberate, affected internet connectivity globally. The severed cables were crucial landing points for several undersea internet connections, triggering a chain reaction of connectivity problems in Europe and beyond. Specifically, the disruption caused by this sabotage impacted connectivity between several areas, such as Marseille-Lyon, Marseille-Milan and Marseille-Barcelona, underlining the interdependence of communication networks in the Mediterranean region, and highlighting the vulnerability of critical communication infrastructures and the lack of adequate measures to protect these vital assets.

Cyber-attacks on navigation systems also play an important role in the security of the area. A case that perfectly illustrates the lack of preparedness to repel this subject of attacks occurred in January 2025, when a 15-year-old Italian teenager managed to hack and alter the routes of several oil tankers in the Mediterranean. Using only a staff computer, and from his bedroom, the young man managed to access the navigation systems of several oil tankers, altering their programmed routes. This event highlighted the fragility of maritime security systems, as well as the ease with which an individual, even without sophisticated resources, could compromise the proper functioning of such important elements. The Italian authorities, surprised by the magnitude of the attack, stressed the urgent need to strengthen cybersecurity in the maritime sector.

Another modality of cyber-threat is phishing, a technique used by cyber-crime to obtain confidential information, the use of which has increased in recent years, with the duplication of attacks in the United States and Europe. Phishing represents a considerable risk for companies and citizens in the Mediterranean area, as it can compromise the security of computer systems, lead to the theft of personal and financial data , and even damage the reputation of organizations.

The phishing threat also affects maritime infrastructures, especially those located offshore, such as oil platforms or specialized vessels. In these cases, attackers seek staff credentials or exploit remote access to infiltrate industrial control systems, compromising both operational and environmental security. These infrastructures, due to their isolation and dependence on automated systems, are particularly vulnerable to targeted cyber-attacks.

Finally, although the use of the internet by terrorist groups is a global phenomenon, it represents a shared challenge for Mediterranean countries, which face common risks due to their geographical proximity to unstable areas. An example of this regional impact was the manager cell of the attacks in Barcelona and Cambrils in 2017, whose radicalization process took place mainly through the internet, as pointed out by the Elcano Royal Institute. The fight against this threat has been highlighted by the EUcommittee as a strategic priority

All these cases demonstrate the lack of preparedness to deal with sophisticated cyber-attacks in the region. Each incident underscores the urgent need to strengthen cyber defenses. The ease with which these attacks were carried out demonstrates that security measures are insufficient to protect critical infrastructure. Moreover, the interconnectedness of systems in the region means that a localized attack can have far-reaching repercussions, as was the case with the sabotage of the Marseille cables.

The incidents have served as a wake-up call for Mediterranean authorities and critical infrastructure operators: it is clear that significant investment in cybersecurity technology, training of specialized staff and development of more robust response protocols are needed. They also highlight the importance of international cooperation in the fight against cyber threats due to their cross-border nature.

In the picture

Laying of the SEA-ME-WE 6 (Southeast Asia-Middle East-Western Europe) submarine cable between Marseille and Singapore [Orange].

Defense networks: Global responses to local challenges

In response to these growing cyber threats, the international community has developed a series of measures and cooperative frameworks to strengthen cybersecurity and defense against attacks in cyberspace. These measures are essential to address current challenges, but also reflect the complexities inherent in the regulation of cyberspace.

At the global level, it is necessary to mention the Center of Excellence for Cooperative Cyber Defense (CCDCOE), established by NATO in Tallinn, which is dedicated to research and training in cyber defense. It was opened in 2008 at the initiative of Estonia due to the massive cyber-attacks suffered by the Baltic country a year earlier, which alerted NATO to the growing relevance of cyberspace threats. This has been extremely important in developing tools such as the Tallinnguide , which is a comprehensive analysis of how international law can be applied to cyber operations. Although it is a reference letter core topic in academic and military circles, it is not binding and its internship application depends entirely on the will of the state.

The Budapestagreement , adopted in 2001 and in force since 2004, was the first treaty to establish a legal framework to combat cybercrime and facilitate cooperation between countries. However, its ability to address today's threats is limited, due to rapid technological evolution and the fact that not all countries have ratified the convention. Despite being an essential tool , its scope is insufficient to meet the modern challenges of cybercrime. In 2022, the Second Additional protocol to the Budapest agreement was adopted, which seeks to improve international cooperation in obtaining electronic evidence and respond to current needs in the digital environment.

Similarly, in response to the growing sophistication and global reach of cybercrime, the United Nations General Assembly adopted the United Nations Convention against Cybercrime on December 24, 2024. This Convention provides states with a detailed framework for preventing and combating cybercrime, including measures for international cooperation in obtaining and exchange electronic evidence in serious crimes. Its nine chapters address both the technical and legal aspects of the fight against cybercrime, incorporating safeguards for human rights and adapting traditional methods of criminal research to the digital environment.

At the European level, several initiatives have been developed to strengthen cybersecurity. The EU Cyber Defense Policy, adopted in 2022, seeks to improve the defensive capabilities of member states and foster greater coordination among them. Added to this is the 2024 Cyber Solidarity Regulation, which establishes a European system for alerts and response mechanisms for cyber emergencies.

Apart from the above, institutions such as the European Cybercrime Center (EC3), established by Europol, play a crucial role in the fight against cybercrime within the European Union. This body facilitates cooperation between national police forces and coordinates cross-border investigations.

Also noteworthy is the CyberSouth program, a joint initiative of the European committee and the European Union designed to strengthen legal and institutional capacities in the subject of cybersecurity in the southern Mediterranean states.

With respect to critical infrastructure protection, through the Cable Security Action Plan, the European Union proposes a comprehensive approach that includes prevention, detection, response and deterrence of threats such as deliberate acts of sabotage. In this context, it promotes investment in intelligent cables, integrated monitoring systems by sea basin and the possible creation of a reservation fleet of specialized cable repair vessels. In addition, cable diplomacy is being promoted to strengthen cooperation with neighboring Mediterranean countries as part of a coordinated effort to ensure the resilience and security of these critical infrastructures in the face of hybrid campaigns and emerging risks. These proposals have already begun to materialize, with the implementation of measures such as improved maritime surveillance, investment in new technologies and coordination of resources, although many are still in the early stages.

Mediterranean Cyberspace: Horizons and Challenges

The proposed solutions for cybersecurity in the Mediterranean basin face common limitations, such as the lack of a common and binding regulatoryframework , which generates uneven implementation and weakens regional cooperation. In addition, the absence of clear definitions on core topic concepts and legislative differences between countries hinder the creation of consistent standards and an effective response to threats. The rapid advancement of artificial intelligence and the rise of cyberterrorism, coupled with the difficulty in attributing attacks, further complicate the status. It is therefore critical that countries in the region work together to develop a flexible and robust regulatory framework that facilitates cooperation and allows for adaptation to technological changes. Although many of the current initiatives are general in scope and not specific to the Mediterranean, they represent a starting point for moving towards greater regional cybersecurity.

To address cybersecurity challenges in the Mediterranean region, solutions are proposed that seek to strengthen cyber cooperation and resilience. One of the core topic strategies, proposal by experts and think tanks such as EuroMeSCo since 2023, is the development of a trans-Mediterranean cybersecuritydiary , which seeks to create a common framework that aligns cybersecurity policies between the EU and North African countries, promoting cooperation in areas such as critical infrastructure protection and the fight against cybercrime. Although the initiative has generated interest in political and academic forums, its internship application is still limited and is in the discussion and design phase, without fully operational institutional mechanisms for its implementation.

In 2024, the Arab Cyberspace Research Center presented a proposal aimed at boosting digital cooperation and technological sovereignty in the Mediterranean region. Among its priorities are the improvement of connectivity, the promotion of innovation and the strengthening of trust between the various regional actors. To this end, the center proposes the creation of a mechanism for the exchange of information and best practices in cybersecurity, as well as the implementation of a regional fund for innovation in this field, which would support the development of advanced technological solutions and partnership between the public and private sectors. Its development does not yet have operational mechanisms for internship implementation, but it has aroused interest in political and academic circles.

partnership between governments, businesses and civil society organizations is essential to ensure that these initiatives are inclusive and address the region's specific social, economic and political challenges, and their internship requires significant political commitment and investment of resources. However, the cost of inaction can be much higher due to the major impact that cyber-attacks have on Economics, security and stability in the region.

Conclusions

Cybersecurity has established itself as a strategic and unavoidable element for the stability, economic development and security of the Mediterranean region. The increasing digitization of critical infrastructures, economic sectors and public services has opened up new opportunities, but has also exposed the region to increasingly sophisticated and disruptive cyber threats. Recent incidents highlight the vulnerability of systems and the urgency of strengthening both technical and regulatory defenses.

A major challenge remains regulatory fragmentation and the lack of a common framework , which hinders international cooperation and a coordinated response to threats that, by their very nature, transcend borders. The absence of clear definitions and binding legal instruments leads to security gaps and uneven implementation of measures, even within the EU. Added to this is the disparity of technical capabilities and resources between coastal countries, which aggravates the region's exhibition to cyber risks. Faced with this scenario, the response is to strengthen multilateral cooperation, harmonize legal frameworks and focus on training and development of its own capabilities.

The Mediterranean, because of its role as a bridge between continents and a strategic node of communications and trade, cannot afford weaknesses in its digital shield. Only through real cooperation, technological innovation and commitment will it be possible to ensure a secure and resilient cyberspace capable of sustaining the development and stability of the region.