Global Transportation Sector At High Risk Of Cyberattacks, Report Suggests

On January 10, US airports experienced major delays due to an outage. The problem was resolved in a few hours, however, it led to the cancellation of 1,300 flights and delayed departures of over 10,000 flights. The Federal Aviation Administration (FAA) said that the delay was due to an issue in the Notice to Air Missions (NOTAM) system.

A new study by a global threat intelligence provider says that the transportation sector is at a high risk of cyberattacks due to the current geopolitical instability, economic recession, and energy crisis. Cyble Research & Intelligence Labs (CRIL) in its report released on January 12 observed major cybercrime incidents in the past year have affected Transportation and Logistics sector.

Although on January 11, the Air Traffic Control System Command Center (ATCSCC) under the US FAA clarified that the reason behind the outage was a damaged database file and rejected rumors of a cyberattack from their preliminary investigation. 

Cyble in its report noted that on the same day, when FAA was battling the NOTAM outage the Canadian civil air navigation services provider, NAV CANADA, also issued a notice regarding the NOTAM system outage. NAV CANADA clarified that the system outage was not linked to the FAA NOTAM. The report said, “even though both yesterday’s Aviation incidences were attributed to system outages from the preliminary investigation by their regulating agencies in the US and Canada, CRIL had always contemplated via our blogs and advisories about targeted attacks on such critical infrastructure.”

Since the Transportation and Logistics sector heavily relies on satellite communication and IoT technology, it may witness growth in cyberattacks in 2023, the report said, adding that the weak economic indicators, energy crisis, and prevalent insider threats remain a matter of concern. 

Cost-cutting across industries has led to a lack of investment in cybersecurity. Supply chain disruption is making it easier for attackers to exploit Information Technology (IT), Operational Technology (OT), and Industrial Internet of Things (IIoT) vulnerabilities in transportation systems, the report said. 

The report analysed multiple incidents including, the Daixin Team ransomware group attack on AirAsia, the Alphavm group attack on Nok Airlines, the Play ransomware group attack on Furetank, and the cyberattack on Voyager Worldwide, saying that in the coming time, cyberattacks on entities dealing in Transportation will increase rapidly, due to the supply chain attacks and targeted attacks on Satellite Communication (SATCOM) devices.