According to a report from the European Union Agency for Cybersecurity, hackers will exploit the growing overlap between information and operational technologies in the transport sector to disrupt OT processes in a targeted attack.
The report shows an increase in known attacks against the aviation, maritime, rail, and road sectors in Europe and globally, which ENISA suggests could be a consequence of reporting requirements under the European Union directive on the security of network and information systems.
Ransomware attacks are highlighted as having grown in frequency, and they will become a tool wielded for political as well as financial motivations.
The report suggests that hacktivists will be drawn to ransomware attacks due to their effectiveness and the media attention they attract.
Hacktivist activity has spiked since the 2022 Russian invasion, often through distributed denial-of-service attacks against websites in the railway, airport, and road sectors. ENISA explains that ransomware attacks are mostly indiscriminate and opportunistic, and that the capabilities of most pro-Russian hacktivists remain low and are largely limited to DDoS and defacement attacks.
The report warns that the Russian war of conquest of its European neighbor could change the risk calculus as ransomware groups start picking sides and conducting retaliatory attacks against critical Western infrastructure.
ENISA further predicts that ransomware groups will likely target and disrupt OT operations in the foreseeable future due to the overlapping of IT and OT. However, during the nearly two-year period covered in the report, no attack appeared to have affected the safety of transportation, although hacktivists used ransomware in January 2022 to disrupt railway operations in Belarus with the stated aim of preventing the presence of Russian troops on the territory of Belarus.
Of the four transportation subsectors studied by ENISA, the aviation sector endured slightly more cyberattacks than its counterparts, with 28% of the known attacks.
The road sector saw 24% of the known attacks, followed by the rail sector with 21%, and the maritime industry with 18%. Recorded ransomware attacks affecting airports increased in 2022 compared to the previous year, as did ransomware attacks in the road sector.
Recorded ransomware attacks against the railway sector were slightly up as a percentage of total attacks, and the number of attacks remained static in the maritime industry.
