Positive Technologies, a cybersecurity firm, has conducted an in-depth analysis of cyber threats targeting the transportation sector in 2023, revealing concerning trends for the industry. Among the findings, transportation emerged as one of the top ten most targeted industries last year.
Ekaterina Snegireva, Senior Analyst at Positive Technologies, highlighted the increasing vulnerability of the transportation sector due to its digital transformation. While this transformation has brought about efficiency improvements and enhanced passenger convenience, it has also exposed the industry to a variety of cyber threats capable of disrupting operations and impacting national economies. The analysis shows a significant 36% rise in successful cyber attacks on the global transportation industry in 2023 compared to the previous year.
Malware emerged as the primary weapon in 35% of successful attacks, with ransomware being particularly prevalent. Positive Technologies emphasized the accessibility and profitability of ransomware tools, which are readily available on darknet forums through Ransomware-as-a-Service (RaaS) programs.
The report also shed light on the dark web market for accessing transportation company infrastructures, with prices ranging from $50 for smaller organizations to tens of thousands of dollars for high-privilege access to larger companies. Additionally, attackers exploited trusted third parties in 8% of successful attacks, taking advantage of weak defenses among contractors to gain access to target networks and sensitive data.
The consequences of these cyber attacks are severe, with personal data comprising 51% of stolen information and trade secrets accounting for a quarter. Incidents such as the attack on an Iranian taxi booking company in Fall 2023, affecting over 33 million users, underscore the significance of cybersecurity in protecting customer data.
The report outlined potential non-tolerable events in transportation, ranging from obstructing freight transportation in the rail sector to disrupting booking systems and navigation in aviation. Dmitry Darensky, Head of Industrial Cybersecurity Practice at Positive Technologies, emphasized the importance of cyber resilience measures tailored to specific industry threats, including vulnerability remediation, employee training, and incident monitoring and response.
To bolster cyber resilience, Darensky recommended organizations develop industry-specific non-tolerable event lists, analyze potential attack vectors, and implement comprehensive cybersecurity measures such as the PT ICS solution. Cyber exercises and bug bounty programs were also suggested to test and improve an organization’s security posture.
