France has opened a counter-intelligence investigation into suspected foreign cyber interference after malware was discovered on the computer systems of an international passenger ferry, leading to the arrest of two crew members and prompting warnings over the vulnerability of European transport infrastructure. The WP Times reports, citing The Associated Press, that the case is being treated as a serious national security matter.
Arrests and allegations
According to French prosecutors, police detained two crew members last Friday after investigators detected attempts to gain unauthorised access to the vessel’s data processing systems. The incident took place aboard an unnamed international passenger ferry while it was docked at the Mediterranean port of Sète.
The suspects are a Latvian and a Bulgarian national. The Latvian crew member remains in custody and has been formally charged with criminal conspiracy and computer hacking offences allegedly committed “in the interests of an unidentified foreign power”. The Bulgarian national was questioned and subsequently released without charge.
How the malware was discovered
The investigation was launched after Italian authorities alerted France’s General Directorate for Internal Security (DGSI) to suspicious software detected on the ferry’s onboard computers. In a statement, the Paris prosecutor’s office said the software identified is sometimes used by cybercriminal networks.
Investigators believe the systems may have been compromised using a Remote Access Trojan (RAT) — a form of malware that can allow external actors to remotely access, monitor or control infected computers.
Government response
France’s Interior Minister Laurent Nuñez described the case as “very serious” and said investigators were following a clear line of inquiry involving foreign interference.
“Foreign interference very often comes from the same country,”
Nuñez said, stopping short of naming a state directly.
He added that authorities had no evidence at this stage that the suspects intended to seize control of the vessel, but stressed that the presence of such malware on a passenger ferry could not be treated lightly.
Russia and hybrid warfare concerns
European security officials have repeatedly accused Russia of waging a hybrid campaign against EU states, combining cyberattacks, sabotage, disinformation and covert operations. While French authorities have not formally attributed responsibility, officials acknowledged that the ferry case is being examined within this broader security context.
According to AP, searches were carried out in Latvia as part of the investigation, though Latvian police declined to comment.
Impact on ferry operations
French authorities said the ferry’s computer systems were subjected to a full security audit following the discovery. After being cleared by investigators, the vessel was allowed to return to service.
Officials confirmed there was no immediate danger to passengers, but acknowledged that the case underscores growing concerns over the exposure of civilian transport networks to cyber intrusion.
Security experts warn that even limited access to onboard IT systems could be exploited for intelligence gathering, operational disruption or strategic signalling, particularly in an era where transport hubs are increasingly digitised and interconnected.
The investigation remains ongoing, with French counter-intelligence services working alongside European partners to determine whether the incident was an isolated case or part of a wider campaign targeting critical infrastructure.
Read about the life of Westminster and Pimlico district, London and the world. 24/7 news with fresh and useful updates on culture, business, technology and city life: Is Spotify Wrapped 2025 Out Yet? See When Your Music Recap Will Finally Drop