The European Union Agency for Cybersecurity (ENISA) has published a new cyber threat landscape report focussed on the transport sector. The new report maps and analyses cyber incidents in relation to aviation, maritime, railway, and road transport covering the period of January 2021 to October 2022.
In addition to the identification of prime threats and the analysis of incidents, the report includes an assessment of threat actors, an analysis of motivations driving their actions and introduces major trends for each sub-sector.
According to the report, the prime cyber threats affecting the transport sector were:
- Ransomware attacks;
- Data related threats;
- Denial-of-service (DoS), distributed denial-of-service (DDoS) and ransom denial-of-service (RDoS) attacks;
- Phishing / spear phishing;
- Supply-chain attacks.
Ransomware attacks became the most prominent threat against the transport sector in 2022, with attacks having almost doubled; from 13 percent in 2021 to 25 percent in 2022.
More than half of the incidents observed in the reporting period were linked to cybercriminals (55 percent). They apply the ‘follow the money’ philosophy in their modus operandi.
Attacks by hacktivists are on the rise. One fourth of the attacks were linked to hacktivist groups (23 percent), with the motivation of their attacks usually being linked to the geopolitical environment and aiming at operational disruption or guided by ideological motivation. These actors mostly resorted to DDoS attacks and mainly target European airports, railways, and transport authorities. The rates of these attacks are focused on specific regions and are affected by current geopolitical tensions.
State-sponsored actors were more often attributed to targeting the maritime sector or targeting government transport authorities.