Abstract

The accelerating digital transformation of the maritime industry, driven by the widespread adoption of Internet of Things (IoT) devices, integrated vessel systems, and automated port operations, has significantly expanded its cyber-attack surface, rendering it increasingly vulnerable to sophisticated threats. This study investigates the application of Open-Source Intelligence (OSINT) as a proactive, scalable, and cost-effective methodology for enhancing maritime cybersecurity. We present a specialized maritime OSINT framework comprising a systematic five-phase workflow (Identification, Collection, Processing, Analysis and Dissemination) tailored to the sector’s unique operational and threat landscape. The framework is supported by a comprehensive taxonomy of maritime cyber threats and a curated toolkit of over 100 OSINT resources, spanning vessel tracking, corporate intelligence, digital reconnaissance, and analytical platforms. Through applied case studies, we demonstrate how this approach can identify critical vulnerabilities such as exposed operational technology, weak software supply chain links, and human-factor risks derived from publicly accessible data. Our findings confirm that maritime OSINT provides an indispensable intelligence layer, enabling stakeholders to transition from reactive security postures to proactive risk management through early threat detection, informed vulnerability assessment, and enhanced situational awareness, while adhering to the proposed ethical and legal guidelines for responsible intelligence collection.