In the picture
View of the port of Barcelona [Port de BCN].
In the digital era in which we live, cybersecurity has become a fundamental pillar for the development and stability of strategic regions such as the Mediterranean. Characterized by its intense economic, political and cultural activity, this area faces unique challenges in the digital domain that require urgent and coordinated attention. The protection of critical infrastructure, sensitive data and communication systems is a priority for governments, businesses and citizens throughout the Mediterranean basin.
Cybersecurity is defined by the International Telecommunication Union as the preservation of the confidentiality, integrity and availability of information in cyberspace. This concept includes a set of tools, policies, security concepts, safeguards, guidelines, risk management methods, training actions, best practices, insurance and technologies that can be used to protect an organization's assets and users in the digital environment. On the other hand, the European Union defines it as "the activities necessary to protect networks and information systems, the users of these systems and others affected by cyber threats".
The importance of cybersecurity is intensifying given the increasing digitization of companies and territories. Digital transformation has brought with it both new opportunities and increased vulnerability to cyber threats. Protecting critical information and systems is now an inescapable necessity to ensure the stability and progress of the area.
In the Mediterranean, increased digitization has led to an exponential increase in cyber threats, which are now more sophisticated and harder to detect. The maritime, port or logistics sectors, essential to the region's Economics , are facing increasing risks, from ransomware attacks capable of paralyzing port operations to information theft, the consequences of which can be devastating for the region.
Thus, cybersecurity can no longer be understood as a luxury, but as a fundamental necessity for states and organizations. Investing in cyber defense capabilities, developing appropriate legal frameworks and fostering international cooperation is essential to mitigate risks and ensure security in cyberspace.
Digital Mediterranean: A sea of threats
The Mediterranean faces a number of cyber threats that complicate its stability and prosperity. Such threats range from attacks on critical infrastructure to the use of the internet by terrorist groups, and require a coordinated and proactive response.
One of the main concerns is the protection of critical infrastructures in the area, such as ports, fiber optic cables and, especially, communications hubs. Mediterranean ports playa fundamental role in international trade and energy security, and are a core topic for the stability and prosperity of the entire region. Disruption of operations in these ports can have serious consequences, both economic and geopolitical. It is not surprising, therefore, that the European Union Agency for Cybersecurity, ENISA, has highlighted the importance of European ports addressing new cyber threats to ensure the integrity of their operations.
Critical infrastructures are vulnerable to many types of attacks. As an example, in 2018, the port of Barcelona suffered a 'ransomware' attackthat affected several of its servers. Although in this case maritime operations were not compromised, the incident forced the activation of contingency plans and highlighted vulnerabilities in the IT systems of one of the most important port infrastructures in the Mediterranean, revealing the need to improve cybersecurity measures in ports; although the organization managed to contain the impact of the attack, the incident demonstrated that even well-established critical infrastructures can be vulnerable to cyber threats.
Another case of similar seriousness took place in October 2022, when physical sabotage occurred on fiber optic cables near Marseille, France. This attack, suspected to have been deliberate, affected internet connectivity globally. The severed cables were crucial landing points for several undersea internet connections, triggering a chain reaction of connectivity problems in Europe and beyond. Specifically, the disruption caused by this sabotage impacted connectivity between several areas, such as Marseille-Lyon, Marseille-Milan and Marseille-Barcelona, underlining the interdependence of communication networks in the Mediterranean region, and highlighting the vulnerability of critical communication infrastructures and the lack of adequate measures to protect these vital assets.
Cyber-attacks on navigation systems also play an important role in the security of the area. A case that perfectly illustrates the lack of preparedness to repel this subject of attacks occurred in January 2025, when a 15-year-old Italian teenager managed to hack and alter the routes of several oil tankers in the Mediterranean. Using only a staff computer, and from his bedroom, the young man managed to access the navigation systems of several oil tankers, altering their programmed routes. This event highlighted the fragility of maritime security systems, as well as the ease with which an individual, even without sophisticated resources, could compromise the proper functioning of such important elements. The Italian authorities, surprised by the magnitude of the attack, stressed the urgent need to strengthen cybersecurity in the maritime sector.
Another modality of cyber-threat is phishing, a technique used by cyber-crime to obtain confidential information, the use of which has increased in recent years, with the duplication of attacks in the United States and Europe. Phishing represents a considerable risk for companies and citizens in the Mediterranean area, as it can compromise the security of computer systems, lead to the theft of personal and financial data , and even damage the reputation of organizations.
The phishing threat also affects maritime infrastructures, especially those located offshore, such as oil platforms or specialized vessels. In these cases, attackers seek staff credentials or exploit remote access to infiltrate industrial control systems, compromising both operational and environmental security. These infrastructures, due to their isolation and dependence on automated systems, are particularly vulnerable to targeted cyber-attacks.
Finally, although the use of the internet by terrorist groups is a global phenomenon, it represents a shared challenge for Mediterranean countries, which face common risks due to their geographical proximity to unstable areas. An example of this regional impact was the manager cell of the attacks in Barcelona and Cambrils in 2017, whose radicalization process took place mainly through the internet, as pointed out by the Elcano Royal Institute. The fight against this threat has been highlighted by the EUcommittee as a strategic priority
All these cases demonstrate the lack of preparedness to deal with sophisticated cyber-attacks in the region. Each incident underscores the urgent need to strengthen cyber defenses. The ease with which these attacks were carried out demonstrates that security measures are insufficient to protect critical infrastructure. Moreover, the interconnectedness of systems in the region means that a localized attack can have far-reaching repercussions, as was the case with the sabotage of the Marseille cables.
The incidents have served as a wake-up call for Mediterranean authorities and critical infrastructure operators: it is clear that significant investment in cybersecurity technology, training of specialized staff and development of more robust response protocols are needed. They also highlight the importance of international cooperation in the fight against cyber threats due to their cross-border nature.