ENISA: Ransomware became a prominent threat against the transport sector in 2022

The
European
Union
Agency
for
Cybersecurity
(ENISA)
published
its
first
cyber
threat
landscape
report
for
the
transport
sector.

A
new


report
published
by
the
European
Union
Agency
for
Cybersecurity
(ENISA)
analyzes
threats
and
incidents
in
the
transport
sector.
The
report
covers
incidents
in
aviation,
maritime,
railway,
and
road
transport
industries
between
January
2021
and
October
2022.

The
report
provides
a
detailed
analysis
of
the
prime
threats
to
the
transport
sector,
the
threat
actors
and
related
motivations.

During
the
period
covered
by
the
report,
the
expert
identified
the
following
prime
threats:

• ransomware
  attacks
  (38%),
• data
  related
  threats
  (30%),
• malware
  (17%),
• denial-of-service
  (DoS),
  distributed
  denial-of-service
  (DDoS)
  and
  ransom
  denial-of-service
  (RDoS)
  attacks
  (16%),
• phishing
  /
  spear
  phishing
  (10%),
• supply-chain
  attacks
  (10%).

During
the
reporting
period,
ransomware
was
the
most
prominent
threat
against
the
sector
in
2022.
The
researchers
pointed
out
that
the
ransomware
attacks
doubled
compared
to
the
previous
year.
Threat
actors
behind
ransomware
attacks
are
not
exclusively
financially-motivated.

Nation-state
actors,
cybercriminals,
and
hacktivists,
are
the
threat
actors
with
the
biggest
impact
on
the
organizations
in
the
sector.

Most
of
the
attacks
on
the
transport
sector
(54%)
are
carried
out
by
cybercriminals.

The
report
warns
that
hacktivist
activity
targeting
the
transport
sector,
including
DDoS
attacks,
is
likely
to
continue.
Airports,
railways
and
transport
authorities
are
privileged
targets
of
hacktivists.

The
good
news
is
that
ENISA
experts
did
not
receive
reliable
information
on
a
cyberattack
affecting
the
safety
of
transport.

The
researchers
also
warn
that
future
Ransomware
attacks
will
likely
target
and
disrupt
OT
operations.

“The
majority
of
attacks
on
the
transport
sector
target
information
technology
(IT)
systems.
Operational
disruptions
can
occur
as
a
consequence
of
these
attacks,
but
the
operational
technology
(OT)
systems
are
rarely
being
targeted.”
states
the
report.
“Ransomware
groups
will
likely
target
and
disrupt
OT
operations
in
the
foreseeable
future.”

The
aviation
sector
is
facing
multiple
threats,
with
ransomware
and
malware
attacks
and
data-related
threats
being
the
most
prominent
threats.
Experts
warn
of
the
number
of
ransomware
attacks
targeting
airports
and
rogue
websites
impersonating
airlines
used
by
scammers
in
2022.

“Transport
is
a
key
sector
of
our
economy
that
we
depend
on
in
both
our
personal
and
professional
lives.
Understanding
the
distribution
of
cyber
threats,
motivations,
trends
and
patterns
as
well
as
their
potential
impact,
is
crucial
if
we
want
to
improve
the
cybersecurity
of
the
critical
infrastructures
involved.”
said

Juhan
Lepassaar,
EU
Agency
for
Cybersecurity
Executive
Director.

Let
me
suggest
the
reading
of
the
report
that
is
available
here:

https://www.enisa.europa.eu/publications/enisa-transport-threat-landscape

Follow
me
on
Twitter:


@securityaffairs
and


Facebook
and


Mastodon

Pierluigi Paganini

(SecurityAffairs –

hacking,
transport
sector)

Share
On

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts