It is well to be noted that the economic figures pertaining to the transport sector post-COVID crisis have been up for everyone’s assessment for a few months now, and what one can say is that the transport sector has indeed bounced back well, both across France and also internationally.
Like all other sectors within the economy, the transport industry happens to be undergoing massive digitization, and that too all throughout the world. This opportunity to create value by way of modernization is also an opportunity for hackers, who happen to have plenty of possibilities to attack transport systems as well as companies, right from passenger transport to industrial logistics.
What kinds of cyberattacks must transport facilities face, and how can they go on to prepare against such attacks? Here is some advice to limit the risks of such cyberattacks within the transport sector.
Numerous, as well as edifying, attacks
There are numerous types of cyberattacks in the transportation sector. As per the report of the European Union Agency for Cybersecurity- ENISA, the main threats when it comes to the transport sector happen to be the following:
• Ransomware attacks
• Threats pertaining to data theft as well as compromise
• Software that’s malicious
• DDoS- Distributed Denial-of-Service attacks
• Phishing
• Attacks within the supply chain
It is well to be noted that ransomware attacks have gone on to become the most significant threat in 2022, as they almost went on to double from 13% in 2021 to 25% that year. These kinds of attacks go on to target railway IT systems, hence disrupting passenger services, ticketing systems as well as mobile applications.
Hacktivism attacks also happen to be on the rise, comprising a quarter of all attacks and often in response to the geopolitical environment as well as aimed at disrupting operations. This is what took place in Poland in August 2023, wherein hacktivists went ahead and paralyzed a huge chunk of the Polish rail network by way of using an analog VHF system with no security.
As an instance of a denial-of-service attack, one of the Danish railway companies has already suffered a DDoS attack in 2018. Due to this, its ticketing system went out of service throughout the entire attack. This is an attack with minor consequences as compared to the impact of the attack that took place on FedEx and Maersk, both of whose container terminals were rendered inoperable due to a Trojan horse attack through NotPetya in 2017, which costed 300 million dollars to FedEx.
As most of the companies do not go on to communicate if an attack has not been clearly identified, one does not really know the magnitude of the damage. But according to a report that’s been issued by IBM, 10% of cyberattacks go on to target the transport sector.
And unfortunately, the fact is that hackers often prevail.
And yet, companies are still quite poorly prepared for this
It is hence clear that there is not a worldwide culture of cybersecurity in the transport sector. As per a study by the Mineta Transportation Institute- MTI, whereas 73% of companies in the transport industry claim that they happen to have access to information to execute a real cybersecurity strategy, just 60% have a real response plan for cyberattacks, and nearly half of them don’t find their plan to be sufficient.
So, what needs to be done? France happens to rely on a very dynamic cybersecurity ecosystem, which is driven by the ANSSI- French Cybersecurity Agency and other actors like Cyber Campus as well as its regional network.
Transport companies must go on to comply with the same basic ideas as the ones of other industries. It is, as a matter of fact, impossible to guarantee an unconditional level of security when it comes to digital operations, along with resilience to attacks. It is hence important to make sure of the general security of the network, like simple access to a computer in an office on a port.
Because of all this, it is indeed mandatory to go ahead and execute a strong authentication system so as to connect. It is mandatory that one collect and store all actions in a reliable way, which includes timestamping as well as a secure data backup. Thereafter, it is recommended to go ahead and embrace a pro-active approach to such data and analyze systematically what happens to be out of the ordinary, even though there is no apparent cyberattack.
As far as resilience is concerned, it gets even easier: beyond the requirement to have a response plan, companies must get agile and also ensure numerous responses to an attack so that the latter does not go on to paralyze all operations completely. The point is also to be also accepting to rapidly changing technical as well as human processes throughout the company.
With regards to the transport sector, especially, one challenge in terms of cybersecurity happens to be the multiplicity in terms of interacting systems, which is often managed by different entities. Because of this, the attack could very well spread, or the system can as well collapse when a kind of innocuous sub-system gets shut down. For instance, let one imagine disabling alerts or even blocking an access control system, due to which the entire infrastructure gets to a standstill, with prominent financial as well as human consequences. In order to address this issue, it is mandatory to conduct cross-disciplinary analysis in terms of emerging systems as well as behaviours.
A new era happens to be emerging, filled with challenges
The more the transport sector goes on to modernize, the more it kind of becomes an attractive target for hackers. So as to deal with this threat, companies must adopt a multidimensional approach so as to secure their operations infrastructure.
This goes on to imply a resilience strategy, that goes beyond simply executing security measures. This strategy enables minimizing the effect of potential attacks on the operations part. Apart from this, it is also essential to evaluate risks rigorously so as to identify potential threats as well as establish apt response plans.
