Transport and Logistics
The transport and logistics sector comprises of aviation, maritime and land transport, including rail.
The sector is often critical to a country’s infrastructure. Historically, transport and logistics companies have focused on improving safety and reducing physical risks rather than cyber security.
Increasing digital interconnectedness:
Transport and logistics operations are becoming increasingly digital, integrating IT with IoT and OT cyber/ physical systems. This brings real benefits such as real-time data to create cost-effective operations across aviation, land and maritime transport and logistical operations.
Increased attack surface area:
However, using IoT systems increases the cyber-attack surface area, while some legacy OT systems were ever designed with security in mind. Security is not about restricting these systems; it’s about embedding security within the design to ensure increases in productivity and efficiency are complemented with better security.
Threats and impacts:
Typically, cyber criminals may seek to exploit inventory, delivery or even operational data that pinpoints transportation or simply exploits the reliance on cyber-based control.
Effects of attack on the supply chain can crimple organisations, for example, the 2017 NotPetya ransomware attack against Maersk, causing an estimated $300 million on associated costs, or in 2022 where multiple oil terminals across Europe were unable to process incoming barges – also the result of a ransomware attack.
In April 2021, the metropolitan Transport Authority (MTA), carrying over 11 million passengers a day during the working week and over 850,000 vehicles, had been targeted by state threat actors, exploiting a zero-day vulnerability. It was reported no operational systems were impacted nor data stolen.