A new report reveals ransomware attacks are the most prominent threat facing the transport sector.

The European Union Agency for Cybersecurity (ENISA) recently published its first cyber threat landscape report dedicated to the transport sector. The report mapped and analyzed cyber incidents in relation to aviation, maritime, railway and road transport from January 2021 to October 2022 for a total of 98 publicly reported incidents.

“Transport is a key sector of our economy that we depend on in both our personal and professional lives,” said EU Agency for Cybersecurity Executive Director Juhan Lepassaar. ”Understanding the distribution of cyber threats, motivations, trends and patterns as well as their potential impact, is crucial if we want to improve the cybersecurity of the critical infrastructures involved.”

The report shows ransomware attacks have almost doubled in 2022, increasing from 13% in 2021 to 25% in 2022. During the study period, the prime threats included ransomware attacks at 38%, data-related threats at 30%, 17% malware, denial-of-service (Dos), distributed denial-of-service (DDoS) and ransom denial-of-service (RDoS) attacks at 16%, 10% phishing and spear phishing and supply chain attacks at 10%.

More than half of the incidents analyzed in the report were linked to cybercriminals (55%). One fourth of the attacks were linked to hacktivist groups (23%), with the motivation of their attacks usually being linked to the geopolitical environment and aiming at operational disruption or guided by ideological motivation.

The report observed incidents in each sector: aviation, maritime, railway and road.

The aviation sector is faced with data-related threats as the most prominent, coupled by ransomware and malware.

Threats targeting the maritime sector included ransomware, malware and phishing attacks targeted towards port authorities, port operators and manufacturers.

In the railway sector, threats ranged from ransomware to data-related primarily targeting IT systems causing service disruptions. Hacktivist groups have been conducting DDoS attacks against railway companies with an increasing rate, primarily due to Russia's invasion of Ukraine.

The threats in the road sector are predominantly ransomware attacks, followed by data-related threats and malware.