Reports are highlighting a rise in cyberattacks on transportation and shipping businesses, with shipping company Yodel identifying a cyber incident earlier this year, and the UK’s Department of Transport reporting nine attacks on the country’s transportation sector in August last year.
In light of these reported attacks, I wanted to share new research from Trellix’s Advanced Research Center, which identifies the transportation and shipping sector as particularly at risk. Trellix’s global telemetry data from Q3 2022 unveiled indicators of compromise (IoCs) belonging to several campaigns from APT groups and ransomware campaigns.
The research found the transportation and shipping sector was among those most targeted in this period, with key findings showing:
- Top target for Nation-State attacks: Trellix’s data identified the transport and shipping sector as the most impacted by campaigns orchestrated by APT groups – representing over a quarter (27%) of total IOCs globally.
- Increased ransomware threats: Trellix’s data found the transport and shipping sector was the second most impacted by identified ransomware campaigns (following telecoms) – accounting for almost a third (31%) of total IOCs globally.
The transportation and shipping sector is vital for businesses and countries to manage supply both within and across borders. We’re increasingly seeing critical infrastructure like this targeted by cybercriminals, as the impact of a successful attack can be particularly widespread and disruptive. Our research shows that the transportation and shipping industry is now at high risk, having emerged as one of the most targeted sectors globally.
“From a nation-state perspective, we can see the transportation and shipping industry has been the most impacted by APT-group-led campaigns, accounting for over a quarter (27%) of attacks. The sector has also become a prime target for ransomware campaigns, comprising almost a third (31%) of detected attacks – second only to the telecoms sector which was impacted by just under half (47%) of the ransomware activity observed.
“It’s now all the more crucial for transportation and shipping organisations to bolster their defences if they are to successfully defend against increasingly sophisticated attacks. By implementing a living security architecture that can readily mould and adapt to emerging threats, organisations can better mitigate against attacks – protecting their supply chains and avoiding widescale disruption.