Off-Vessel Security Baseline
We tested internet-facing systems, wireless signals, and employee readiness to give a maritime operator a practical, prioritized view of external risk.

Industries
Maritime Transportation
Services
Security Awareness Testing,
Vulnerability Assessment,
Penetration Testing
About the project
A maritime transportation operator needed to understand what an unauthenticated outsider could learn and attempt across its internet-facing systems and the wireless environment around a working vessel. The assessment had to reflect real attacker conditions: no credentials, no insider help, no assessor access aboard the vessel, and strict limits to protect operations.
The goal was to verify actual exposure rather than rely on scanner output alone, test employee-facing attack paths safely, and give leadership a prioritized baseline for reducing external risk. Because the environment included both business and operational technology, every test also had to avoid disruption.
What we did
- We mapped the operator's public attack surface through open-source research, service discovery, vulnerability scanning, and manual verification. Follow-up checks separated real exposure from scanner noise: a critical-looking alert was downgraded to informational, and no obvious internet-facing foothold was confirmed within the assessment window. Scans and validation steps were tuned to protect production availability.
- We evaluated Wi-Fi, Bluetooth, and radio signals from an authorized off-vessel position, using passive collection where possible and tightly controlled wireless techniques. Visible network and device broadcasts showed where hardening and segmentation deserved attention. Low user activity limited active validation, and no wireless credentials or network access were obtained.
- We built a controlled phishing campaign from publicly available information and paired it with a benign removable-media exercise. No employee clicks were recorded, and the monitored files produced no interaction alerts during the observation period. Mail responses still revealed that valid addresses could be distinguished, so we recommended stronger anti-enumeration and phishing-reporting controls.
- We also reviewed public web and form behavior, including encryption, security headers, third-party scripts, input validation, and nonproduction exposure. Manual API checks confirmed that key validation and anti-automation controls were working, while the remaining findings centered on consistent hardening and specific configuration gaps. Leadership received ranked findings and practical remediation steps for web, email, wireless, and edge controls.
Technologies Used
Tenable IO
N map

Aircrack-ng
Wire Shark

WiFi Pineapple
Software-defined radio
ffuf
NIST
OWASP

