ENISA Transport Threat Landscape Report Published
This report is the first analysis conducted by the European Union Agency for Cybersecurity (ENISA) of the cyber threat landscape of the transport sector in the EU. The report aims to bring new insights into the reality of the transport sector by mapping and studying cyber incidents from January 2021 to October 2022. It identifies prime threats, actors and trends based on the analysis of cyberattacks targeting aviation, maritime, railway and road transport over a period of almost 2 years.
EU Agency for Cybersecurity Executive Director, Juhan Lepassaar, stated that “Transport is a key sector of our economy that we depend on in both our personal and professional lives. Understanding the distribution of cyber threats, motivations, trends and patterns as well as their potential impact, is crucial if we want to improve the cybersecurity of the critical infrastructures involved."
It should be noted that the data collection and analysis primarily focus on incidents observed in EU member states and then in other states around the world. This is by no means the complete list of incidents that occurred during the reporting period. ENISA gathered a list of major incidents based on open-source intelligence (OSINT) and ENISA’s own cyber threat intelligence capabilities.
For the aviation sector specifically, these were complemented by incidents reported to EASA and the European Centre for Cybersecurity in Aviation, and by incidents provided by Eurocontrol’s EATM-CERT. The data collected were further analysed by ENISA’s threat landscape team.
Faced with multiple threats, aviation contends with data-related threats as the most prominent, coupled by ransomware and malware. Customer data of airlines and proprietary information of original equipment manufacturers (OEM) are the prime targeted assets of the sector. Fraudulent websites impersonating airlines have become a significant threat in 2022, while the number of ransomware attacks affecting airports has increased.