I would rely on some of the assessments that have come out of the U.S. government. The U.S. government has publicly indicated that this threat is real and persistent. President Biden issued a strategy, a maritime cybersecurity strategy, last year, which documented significant gaps in the port system, as well as in ship systems. Many of these systems, whether it be ships, trains or planes, are built to last 30 years. What that means is that they contain legacy systems, outdated IT systems that have not been patched. The vulnerability is vast; it's deep, and the threat is persistent and real.
The U.S. Justice Department in October 2020 charged six Russian intelligence officers affiliated with the NotPetya malware attack that crippled the shipping giant Maersk and also attacked TNT—now FedEx.
There is evidence out there that some of these attacks, some of the largest, most impactful attacks, are state-based.