Ransomware and data breaches were the most prominent cyber threats affecting Europe’s transport sector last year, with the volume of incidents of the former almost doubling, according to ENISA.
The European Security Agency’s first-ever threat landscape report for the vertical covers the period from January 2021 to October 2022.
It claimed that reports of ransomware incidents increased from 13% of the total in 2021 to 25% in 2022, while malware reports decreased from 11% to 6% and data breaches and leaks decreased from 21% to 9%.
However, this still makes data-related threats the second most prevalent category during the period after ransomware, with attackers targeting credentials, personal information of employees and customers, and intellectual property.
Read more about cyber threats to transportation: US shipping giant loses $7.5 million in ransomware attack.
More than half (55%) of incidents tracked by ENISA during this period were traced to cybercriminals, meaning they were likely financially motivated. Hacktivists accounted for another quarter (23%), which partly explains the six-fold increase in DDoS attacks, from 2% to 13% between 2021 and 2022.
Inessa said that European airports, railways and transport authorities were among the victims of those attacks.
According to the report, state-backed attacks accounted for another 15% of the total and largely targeted the maritime sector and government transportation authorities.
“Transport is a key sector of our economy and we depend on it for our personal and professional lives,” said Johan Lepassar, Executive Director of ENISA.
“Understanding the distribution, drivers, trends and patterns of cyber threats, as well as their potential impact, is critical if we are to improve the cybersecurity of the critical infrastructures in question.”
However, the agency acknowledged that its view of the threat landscape is limited to publicly reported incidents.
“Such disclosed incidents on which ENISA based its analysis and conclusions are likely to underrepresent reality if those that are not disclosed outweigh those that are made public,” he warned.
