Here's my deal killer with Virus. This is written from the perspective
of a guy who's written interface software between systems for the last
three decades and then some...

 "Transponder Attack" isn't a network connection. It's not a "We've
got to handle web pages" over this. It's an exchange of history files
to establish the provenance fo the ship.
Some header to say "Coquelle, YF-EU42, home port Carmel" and then a
list of locations and other ships that can vouch for it, the idea
being that the itneraction of vouchers authenticates. The receiving
ship plays six-degrees-of-starship-Bacon and decides the story can be
trusted or not.
The thing there - it's a known file format, of a known maximum record
length, with a known number of entries back.
That makes a maximum message size...
No buffer overrun attacks.
No embedded SQL attacks.
Nothing there to give the attacker a handhold, just the equivlent of
CSV file and if in the course of recieving it the buffer hits the
known maximum size, we stop listening and send a NAK. Or open fire,
depending on the situation.

There's no "we're getting a Javascript as part of the transponder message"
Theres no "Hey, I have to run this code they sent me to display an animation"

There's just a simple data file.

So.........
IMTU, the planning went much deeper. The "Shadowy Folks" , the 3I's
equivalent of black-hat-NSA, added a module to the transponder code
that was shipped out in the Black Boxes, going to both Imperial
shipyards and to the other polities, with a "You need a 3I approved
Black Box to travel in Imperial space". These things were installed at
the shipyard with the Virus in them.
The code remained dormant until a particular string of characters
appeared in the transponder file, and then it went violent.

GPT's evil descendant then began monitoring all network traffic, the
ship's equvilent of the CAN bus in a car, and figuring out how to work
the ship. For many designs, it already had files so this process was
quick.

Once it had control of the ship's other systems, it could operate
drones and work-remotes on the ship - why spend Kcr on a robot brain
when the things's going to be in the ship all the time and a radio
link would work fine?
And that mentality of "Robot Brain In The Cloud" would apply planet
side. A ship could use it's radios to locally overwhelm the wireless
network used by the road grid, or worker bots, and then just send
command strings to those devices.

There's some serious differences between this and the OTU Virus...
First, once it's known what's going on, you take a shotgun and
reprogram the Black Box. Bang. Dead.
Second, you build your own transponder that just sends and recognizes
your group's private authentication code, and not the whole history
thing. It listens for anyone, though, and if the "Turn Evil Now!"
messages is present in the other ship's transponder data, it lets you
know.
Third, you kill network connections between ships. I'm not sure this
should be a thing anyway - I picture the way it should have been from
the beginning as more like packet radio writ large, at most. You're
not logging into anyone else's computer. The closest is sending a
packet of data that says, "Destination ID: 12345. Source: 67890.
Message: yaddayaddayadda" . Each ship recieving it checks to see if
the message is for them, and if it is puts it on a screen. If not, it
checks the signal strength. If it's strong (ie, someone real close
sent it), it does nothing. If it's under a threshold, it retransmits
to increasse the area covered.
If the packet is for you, your reciever program has the option (you
need to turn it on) that if the YaddaYadda starts with a certain flag,
then the data is written to a file. From a user perspective, you'd get
"Flagship wants to send file MappingData. Accept?" and then anything
in the message that starts with "File:MappingData Line:###" gets put
in the file.

That file would be non-executable, and serious measures in place to
keep it that way. A crew member with proper security access could
force it, but it would not be something that could be done from the
outside or by accident.

Secure data transfer would be by one-time-pad, with the OTP on
removable media. IMTU, most Navy officers have a thing like a USB
drive on the necklace their dog tags are on. It's got a metabolic
sensor on it, so if the owner's dead it's useless. Awkward if orders
come in and the captain slipped in the shower, so there's usually a
key "for the ship" that accepts any of the officers in the chain of
command in the ship's safe.
The method of operation would be that the message comes in, the comms
officer saves "NewOrders" to "Mail/Orders" and the captain picks up
the file, copies it to his personal directory and runs Decrypt,
putting his OTP Key in the slot when requested. The cleartext is
saved, and the appropriate bytes on the OTP Key are scrubbed.

When the OTPKey gets near empty, a new one is physically delivered by
courier.  To minimize this, most messages are sent en clair, with just
an authentication block being OTP encrypted, and the authentication
block includes the checksum and hash of the en clair portion.

I can see there being a thing like our Internet. Servers on the ship,
with archive transfers of popular websites and a gateway to the XBoat
network....
... but that would be air-gapped from the ship's computer system. No
shared network connections on the ship's LAN. Different radio system
feeding that too, no shared connections at all to the ship's control
network.
That network might be as virusable as the modern internet, but worst
case is if that one gets hosed up  the passengers can't make a hotel
reservation planet-side.