EPCYBER
EPCYBER
  • Home
  • Trainings
    • China OSINT Master
    • China OSINT Advanced
    • Chinese SOCMINT
    • Dark Web CTI Advanced
    • China OSINT Essentials
    • WeChat OSINT
    • QQ OSINT
  • Enterprise
  • Platform
  • Blog
  • Maritime
  • More
    • Home
    • Trainings
      • China OSINT Master
      • China OSINT Advanced
      • Chinese SOCMINT
      • Dark Web CTI Advanced
      • China OSINT Essentials
      • WeChat OSINT
      • QQ OSINT
    • Enterprise
    • Platform
    • Blog
    • Maritime
  • Home
  • Trainings
    • China OSINT Master
    • China OSINT Advanced
    • Chinese SOCMINT
    • Dark Web CTI Advanced
    • China OSINT Essentials
    • WeChat OSINT
    • QQ OSINT
  • Enterprise
  • Platform
  • Blog
  • Maritime

YOUR VESSEL IS EXPOSED. WE FIND IT FIRST.

Your satellite panel, crew credentials, and CCTV access may already be in the hands of hostile actors. We conduct intelligence-driven reconnaissance and penetration testing on superyachts and private vessels

Request Confidential Assessment

250+

250+

250+

Vessel & Port CCTV Exposed 

73%

250+

250+

Unpatched Vessel Systems

<48h

250+

<48h

Time To Compromise

// FIELD FINDINGS

RECONNAISSANCE

RECONNAISSANCE

RECONNAISSANCE

Yacht MMSI Numbers & Crew PII — Mapped in 3 Hours: With the beginning of the assessment, we located live vessel management dashboards exposing MMSI numbers, crew emails, and internal personal data.

SURVEILLANCE

RECONNAISSANCE

RECONNAISSANCE

Internal CCTV  Feeds Into Marinas, Decks & Cabins: Continuous visual access into marina berths, vessel decks, and interior spaces. Crew movements, guest activity, and docking patterns — all visible in real time.

COMMUNICATIONS

RECONNAISSANCE

COMMUNICATIONS

Satellite-Link Access on Target Vessel: VSAT control consoles located and accessed — exposing full satellite configuration, antenna positioning, and communications routing. Silent takeover and disruption capabilities confirmed.

All screenshots shown are sanitized. Real client data is never exposed.

AS PUBLISHED IN Eva Prokofiev's analysis on maritime vessels as adversary collection infrastructure — published by CIMSEC, the leading international maritime security think tank. Her work has been cited by the U.S. Army War College and various defense publications.

cimsec.org/the-unwitting-fleet/

// TRUST & EXPERTISE

We Don't Simulate Threats. We Find Real Ones.

Most maritime cybersecurity firms run compliance checklists. We run intelligence operations. Our background is military intelligence and offensive cyber — we think like the people looking at your vessel right now, not like the auditors who will never find what they're looking for.

15+ Years Experience

100% Confidential

Premium Support

Request Assessment

THREAT INTELLIGENCE

THREAT INTELLIGENCE

THREAT INTELLIGENCE

Intelligence collection tradecraft and penetration testing expertise developed across critical infrastructure, government, and maritime sectors. We search where auditors don't look.

DOMAIN EXPERTISE

THREAT INTELLIGENCE

THREAT INTELLIGENCE

Rare combination of maritime systems knowledge and offensive cybersecurity capability. We understand the vessel before we test it.

MONACO PRESENCE

THREAT INTELLIGENCE

MONACO PRESENCE

Serving yacht owners, captains, and management companies in Monaco, and the French Riviera. We operate where your vessels operate.

The Ocean Offers No Firewall

REQUEST A CONFIDENTIAL ASSESSMENT

// HOW IT WORKS

INTELLIGENCE-DRIVEN RECON

INTELLIGENCE-DRIVEN RECON

INTELLIGENCE-DRIVEN RECON

We search the open, deep, and dark web for existing exposure on your vessel — crew credentials, diagrams, supplier access, active targeting. We map what hostile actors already know before we begin testing.

PENETRATION TESTING

INTELLIGENCE-DRIVEN RECON

INTELLIGENCE-DRIVEN RECON

Manual testing of satellite links, onboard Wi-Fi, and connected systems. We attempt what an attacker would attempt — documenting every entry point we find.

EXECUTIVE REPORT

INTELLIGENCE-DRIVEN RECON

EXECUTIVE REPORT

Risk-prioritized action plan. Board-ready, insurer-compliant. Every finding rated, every fix specified. Delivered confidentially.

// What We Deliver

CYBER RISK ASSESSMENT

CREW CYBER AWARENESS TRAINING

CYBER RISK ASSESSMENT

A full intelligence-driven exposure assessment of your vessel or fleet. We identify what hostile actors already see — satellite consoles, open camera feeds, breached crew credentials, exposed management systems — and deliver a prioritized risk report.


Deliverable: Executive risk report, insurer-compliant. 


Available: Remotely or on-site at your vessel's location.

PENETRATION TESTING

CREW CYBER AWARENESS TRAINING

CYBER RISK ASSESSMENT

Active penetration testing of vessel systems — VSAT terminals, ECDIS, onboard Wi-Fi, cloud dashboards, and connected shore-side infrastructure. We attempt what an attacker would attempt, documenting every entry point.


Deliverable: Technical findings report with remediation priorities. 


Available: Remotely. 

On-site available on request.

CREW CYBER AWARENESS TRAINING

CREW CYBER AWARENESS TRAINING

CREW CYBER AWARENESS TRAINING

Practical cybersecurity training designed specifically for maritime crews — not generic corporate IT training. We cover phishing, social engineering, AI-powered threats, USB attacks, and vessel-specific scenarios. Delivered in plain language for non-technical crew.


Deliverable: Custom training session + simulation exercise. 


Available: Remotely or on-site aboard your vessel.


CREW EXPOSURE CHECK

SECURITY CONSULTATION

CREW CYBER AWARENESS TRAINING

Intelligence assessment of your crew's digital footprint. We search using our unique methodologies, frameworks and techniques for targeted data and exposure linked to your crew members — before someone else uses it.


Deliverable: Confidential report per crew member or full crew manifest. 


Available: Remotely. 

SECURITY CONSULTATION

SECURITY CONSULTATION

SECURITY CONSULTATION

One-on-one strategic consultation for owners, captains, fleet managers, or insurers. We review your current security posture, identify gaps, and provide actionable guidance without a full assessment engagement.


Deliverable: Consultation session + written recommendations. 


Available: Remotely or in person.

CONTINUOUS MONITORING

SECURITY CONSULTATION

SECURITY CONSULTATION

Dark web and open-source monitoring for your vessel, crew, and principal — active alerts when new exposure is detected. Monthly intelligence brief. 


Available: Remotely.


Services available remotely or on-site (Monaco, French Riviera). 

 All engagements are confidential and non-disruptive to vessel operations.

Request Confidential Assessment → team@epcyber.com


Recommended before: charter season start, vessel delivery from shipyard, ownership transfer, refit completion, crew change.

REQUEST AN ASSESSMENT

Field Intelligence

// WHO WE PROTECT

Yacht Owners & Private Charterers

From single-vessel owners to multi-yacht families and charter operators — anyone responsible for a vessel's safety, privacy, and the protection of guests and crew. We work discreetly, remotely, and around your schedule.

Captains, Fleet & Shipyard Managers

Onboard leaders and shore-side teams who need rapid, non-disruptive findings. We operate without interfering with voyages, refits, or crew schedules. Our reports are delivered in plain language — no IT department required.

Insurers, Brokers & Management Companies

Insurance underwriters, risk assessors, and yacht-management firms seeking verifiable cyber-risk documentation to lower exposure and meet compliance demands. Our assessments are insurer-ready and independently produced.

// FROM MONACO

Why Charter Brokers and Fleet Managers Are the New Frontline in Yacht Cybersecurity

A few months ago, we ran an exposure assessment on a charter yacht before the Med season. Within a few hours, we'd found the vessel's satellite panel, and two crew members' phone numbers and passwords sitting in breach databases — traced back to CVs they'd uploaded to crew agencies years ago...


- Vivanova Monaco

Read

Hidden Digital Risks in Luxury Yachts

Owning a superyacht has always been about freedom and exclusivity. But in today’s world, that freedom can be silently compromised. Many yachts now run on connected systems — from autopilot controls to crew Wi-Fi networks....


- Vivanova Monaco

Read

About the Founder

15+ years experience in intelligence and cybersecurity.

Oxford Business School — Executive Leadership. 

Chief Information Security Officer (CISO).


My work has been cited by the U.S. Army War College and various defense publications in EU and Middle East.

Founder of two companies: EPCYBER and RedRadar Technologies.


EPCYBER — founded in 2022 — is a recognized global leader in cyber intelligence training and services. Trusted by EU & U.S. government agencies and professionals from global firms across 50+ countries. We help intelligence teams gather and act on information from hard-to-access regions.


We deliver services across industries — defense, oil & gas, banking, maritime — including penetration testing, dark web monitoring, threat intelligence, and security assessments.


TECHNICAL EXPERTISE

OT/ICS Security & Hacking · Maritime Systems (ECDIS, AIS, VSAT) · Penetration Testing · Network & Infrastructure Security · Web & API Security · Cloud Security (AWS, Azure) · Docker & Container Security · Dark Web Intelligence · Threat Intelligence & OSINT

Eva Prokofiev

CEO, FOUNDER EPCYBER  & REDRADAR TECHNOLOGIES 

Follow our worK

instagram /evaprokofiev

// EPCYBER MARITIME THREAT DESK

Recent incidents tracked by our intelligence team




Malware Found on Passenger Ferry Sparks Espionage Investigation

French prosecutors investigating a suspected cyberattack on a passenger ferry. A Latvian crew member arrested and charged with conspiracy to serve a foreign power. Malware capable of controlling ship systems was discovered on board.

Threat Type: Remote Access Trojan (RAT) 

Target: Ship Control Systems 

Attribution: Suspected State Actor

Ransomware Gang Claims Attack on Australian Boat Builder

Qilin ransomware group claims to have exfiltrated 160GB of data from an Australian watersports boat manufacturer. Over 148,000 files allegedly stolen.

Threat Type: Ransomware (Qilin) 

Target: Corporate Data / Files 

Attribution: Qilin RaaS Group

GPS Jamming Spreads Beyond Conflict Zones

Ship collision and grounding risks rising. Approximately 38,500 vessels affected between April and November 2025. Spreading to key commercial shipping routes.

Threat Type: GPS Jamming / Spoofing 

Target: Navigation Systems 

Attribution: State Actors (Multiple)

Botnet Targeting Maritime DVR and Surveillance Systems

New botnet exploits vulnerabilities in vessel DVR systems used for CCTV. Harvests credentials and enables lateral movement across ship networks.

Threat Type: Botnet / IoT Malware 

Target: DVR / CCTV Systems 

Attribution: Unknown / Criminal

Shadow Fleets, Cyber Attacks and Spy Ships

Civilian vessels used for espionage in the Baltic. 239 disruptive cyber-attacks recorded in 2024. USB devices used to infiltrate ship systems.

Threat Type: Hybrid / Espionage 

Target: Vessel OT Networks 

Attribution: State-Sponsored

  • Enterprise
  • CTF
  • Platform
  • Blog
  • Maritime
  • Terms
  • OSINT Case Studies
  • Services

Share some cookies?

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

Accept