Increasing digital interconnectedness:
Transport and logistics operations are becoming increasingly digital, integrating IT with IoT and OT cyber/ physical systems. This brings real benefits such as real-time data to create cost-effective operations across aviation, land and maritime transport and logistical operations.
Increased attack surface area:
However, using IoT systems increases the cyber-attack surface area, while some legacy OT systems were ever designed with security in mind. Security is not about restricting these systems; it’s about embedding security within the design to ensure increases in productivity and efficiency are complemented with better security.
Typically, cyber criminals may seek to exploit inventory, delivery or even operational data that pinpoints transportation or simply exploits the reliance on cyber-based control.
Effects of attack on the supply chain can crimple organisations, for example, the 2017 NotPetya ransomware attack against Maersk, causing an estimated $300 million on associated costs, or in 2022 where multiple oil terminals across Europe were unable to process incoming barges – also the result of a ransomware attack.
In April 2021, the metropolitan Transport Authority (MTA), carrying over 11 million passengers a day during the working week and over 850,000 vehicles, had been targeted by state threat actors, exploiting a zero-day vulnerability. It was reported no operational systems were impacted nor data stolen.