Norwegian security experts have uncovered what are described as gaping holes in the cybersecurity aboard liquefied natural gas (LNG) ships. The findings, reported by Digi.no, paint a grim picture: In a worst-case scenario, an attacker could manipulate ship systems in a way that jeopardizes the vessel's stability.

Ships Are Controlled by Outdated Technology
A pervasive problem is that critical onboard systems — such as cargo handling, emergency shutdown, and boil-off gas management — are built on older platforms that were not developed with modern cyber threats in mind. Weaknesses such as a lack of two-factor authentication, poor network segmentation, and vulnerable telemetry are widespread, according to research data from DNV and other maritime security actors.
Guillaume Leleu, Senior Consultant for Maritime Cybersecurity at DNV, points to a structural dilemma: Older ships not built for high security requirements are now being connected to critical onshore infrastructure that is, in fact, subject to strict requirements. It is at this intersection that attackers find their entry points.
A single breach can compromise crew, individual ships, entire fleets, terminals — and the LNG cargo itself.

Attack Vectors and Hybrid Threats
Ransomware, phishing, and direct system intrusions are the most documented attack methods against maritime actors. But experts also warn of more complex threats: state and criminal actors can combine digital attacks on logistics and terminal systems with disinformation campaigns and geopolitical pressure to influence energy negotiations.
A concrete example of cross-border exploitation came in August 2024, when the Russian LNG ship Pioneer, according to research data, used GPS spoofing to avoid detection in Norwegian Arctic waters and circumvent sanctions.

Norway at the Center — but LNG Ships Fall Outside Regulations
LNG transport is not just a global industry — it is a cornerstone of Norwegian exports and European energy security. Norway's role as a major LNG exporter means that vulnerabilities in this fleet directly affect Norwegian interests.
A paradox in European regulations complicates the situation: the NIS2 directive, which imposes strict cybersecurity requirements, applies to floating storage and regasification units (FSRUs), but not to LNG transport ships. Martin Cartwright, Global Business Director for the Gas Carrier Segment at DNV, describes this as a "marked contrast" that the sector should take seriously. The situation is particularly problematic when LNG ships are connected directly to FSRUs that are, in fact, regulated.

Regulatory Pressure on the Way
Svante Einarsson, Head of Maritime Cybersecurity Advisory at DNV for EMEA and APAC, suggests that regulatory tightening could come quickly. He points out that when the U.S. Coast Guard introduces new requirements, it is common for other flag states to follow suit with similar regulations.
DNV's own report states that the maritime sector must stop treating cyber threats as a technical niche project and instead recognize them as a business risk on par with other operational hazards. More than half of maritime professionals in the company's survey expect cyberattacks to disrupt ship or fleet operations within the next few years.
For Norway, this is not just an abstract global challenge. With one of the world's largest merchant fleets and a dominant position in the LNG market, Norwegian shipping companies and authorities are compelled to respond — before someone does it for them.
