As the digital economy grows, digital crime grows with it. Soaring numbers of online and mobile interactions are creating millions of attack opportunities. The transport sector shows the same vulnerabilities to all other sectors and recent research has identified the following prime cyber threats for the sector: 

  • Ransomware attacks (38%),
  • Data related threats (30%),
  • Malware (17%),
  • Denial-of-service (DoS), distributed denial-of-service (DDoS) and ransom denial-of-service (RDoS) attacks (16%), 
  • Phishing / spear phishing (10%),
  • Supply-chain attacks (10%).




The aviation sector is facing multiple threats, with data-related threats being the most prominent, coupled by ransomware and malware. Customer data of airlines and proprietary information of original equipment manufacturers (OEM) are the prime targeted assets of the sector. In 2022, there has been a rise in the number of ransomware attacks affecting airports. Fraudulent websites impersonating airlines have become a significant threat in 2022. 


The railway sector experiences ransomware and data-related threats primarily targeting IT systems like passenger services, ticketing systems, and mobile applications, causing service disruptions. Activist groups have been conducting DDoS attacks against railway companies with an increasing rate, primarily due to Russia’s invasion of Ukraine. 


The road transport sector faces predominantly ransomware attacks, followed by data-related threats and malware. Automotive industry, especially OEM and tier-X suppliers, has been targeted by ransomware leading to production disruptions. Data-related threats primarily target IT systems to acquire customer and employee data as well as proprietary information. 

The maritime sector experiences ransomware, malware, and phishing attacks targeted towards port authorities, port operators, and manufacturers. State-sponsored attackers often carry out politically motivated attacks leading to operational disruptions at ports and vessels. 



All transport modes had authorities and bodies that were being targeted, in fact 38% of the incidents targeted transport authorities. In the railway sector, incidents almost exclusively targeted railway undertakings and infrastructure managers. Similarly, port operators were the most affected entities in the maritime sector. These two sectors had only a few incidents targeting supply chain or service providers. This was not the case in the road sector, where OEM, tier-X suppliers and service providers were targeted, along with public transport operators. In the aviation sector, airlines and airport operators are the main targets, followed by service providers, surface transport operators and the supply chain. 






 This and much more emerges from the recent Report issued by ENISA European Union Agency for Cybersecurity) on the cyber threat landscape of the transport sector in the period 2021-2022, accessible here: ENISA Transport Threat Landscape — ENISA (