A hacker group known as Lab Dookhtegan has announced that it successfully disrupted the communication networks of 116 ships operated by two major Iranian shipping companies. The attack, described as one of the most significant cyber operations against Iran’s maritime sector, reportedly severed the ships’ connections to each other, their ports, and external communication channels.
According to a statement released by the group on Telegram, the attack specifically targeted the National Iranian Tanker Company (NITC) and the Islamic Republic of Iran Shipping Lines (IRISL). These companies, which are sanctioned by the United States, the United Kingdom, and the European Union, allegedly facilitate the sale of Iranian oil at reduced prices and are accused of supplying munitions to the Houthis in Yemen.
Lab Dookhtegan claimed that the operation was timed to coincide with U.S. military actions against the Iran-backed Yemeni Houthis. By disrupting the communication networks of the targeted vessels, the group stated that it had significantly hindered their operations, with full restoration of the affected systems potentially taking weeks.
“Ship personnel can no longer communicate with one another, and their connection to the ports and outside world has been severed”, the hacker group stated.
Although Iranian authorities have not yet responded to the claims, past incidents suggest that the Iranian government typically either denies cyber intrusions or attributes them to foreign intelligence agencies. If confirmed, this would be one of the most disruptive cyberattacks against Iran’s maritime sector in recent years.
Industry analysts suggest that Iranian commercial and military vessels rely on a combination of satellite, radio, and encrypted digital networks for communication. Some reports indicate that NITC’s fleet uses VSAT (Very Small Aperture Terminal) satellite technology for offshore coordination. The success of this attack suggests that vulnerabilities may exist in these systems despite previous cybersecurity measures.
The full extent of the damage remains unclear, but Lab Dookhtegan has indicated that this may be just the beginning of a broader cyber campaign against Iranian-backed maritime operations. With growing geopolitical tensions in the region and heightened scrutiny on Iran’s oil exports, the long-term impact of this attack could extend beyond immediate logistical disruptions to include financial and security ramifications for Iranian-flagged vessels in international waters.
The 
