Cyber Security Threat Assessment of Transport Sector

Published on : 22 June, 2018

WannaCry ransomware cyberattack is a watershed moment to consider cybersecurity of CII as the highest priority by the Transport sector organisations. The attack has created uproar across transportation and logistics industry giants worldwide. Specifically in shipping industry where one of the privately owned ports on Indian soil was attacked and had directly impacted national economy.
Cyber-attacks may affect the sea port operations, air traffic control and railways. Cyber threats to the Transport Sector are of concern because of the growing reliance on cyber-based control, navigation, tracking, positioning, and communications systems, as well as the ease with which malicious actors can exploit cyber systems serving transportation [2]. As transport operators digitalise their operational technology, the risk of a cyber-attack is elevated.
For example, a cyber-attack on Global Positioning Systems (GPS) IT infrastructure could significantly impact many transportation infrastructures. The information infrastructure used to manage the flow of vehicles and goods, and the reliance on information technology and communications infrastructure makes transportation infrastructure particularly susceptible to such cyber-attacks.


In the aviation industry, technical advances in navigation systems and airframe design have reduced the chances of an accident; however, the increasing reliance on computers poses a different kind of threat.
Traditionally air gapped Air Traffic Control (ATC) network consider to be the backbone of aviation industry due to operational efficiency and faster communication are now interfacing with IT network and opened up a cyber-attack vector that need to be guarded strongly.
Enterprise Information Systems (EIS) consists of integrated layers of the operating system, applications system and business system. Holistically, EIS encompasses the entire range of internal and external information exchange and management.
Interface with multiple other organisations including small companies that are part of the complex supply chain further aggravate the problem of cyber-attack arising from unsecure interface with such organization. Flight information display systems is a perfect example of EIS, that are highly interconnected systems that can be manipulated to display false information, leading to impact on public safety. In July 2013, passport control systems at the departure terminals at Istanbul Atatürk and SabihaGökçen airports were interrupted by a cyber-attack. Passengers were delayed at the point of entry and exit and flights were delayed for many hours.
Cyber risk is significant and growing in the aviation industry. As aircraft move ever closer to becoming fully e-enabled and automation increases, pilot practices and training will need to adapt in the event of system failure or cyber-security breach.


As a critical national infrastructure, the railways – in the same way may be targeted by nation state intent on causing disruption, in addition to amateur hackers, organised criminals, and/or disgruntled employees. As the rail industry adapts and becomes increasingly dependent on electronic sensors and network technologies, new vulnerabilities to physical networks may unfold. [5]
Cyber systems are used in rail transport and metro network for communications-based automatic train control. These systems control train movement, deliver power to the network, control signaling infrastructure, report on the condition of the rolling stock and associated infrastructure, support operational planning and timetabling.
The Operational systems that integrate supervisory control and data acquisition (SCADA), original equipment manufacturer (OEM) and other critical component technologies responsible for the control, movement and monitoring of transportation equipment and services (i.e., train, track and signal control). Siemens released a vulnerability report regarding their PLCs describing some of the vulnerabilities and the breakdowns in relation to things like potential Denial of Service (DoS) attacks on S7400 Programmable Logic Chip. [3, 5]


Cyber-attack impacting marine transportation can involve navigation, cargo control, and other industrial processes, threatening lives, the environment, property, and disrupting trade activity.
Port operations such as raising a drawbridge, controlling traffic lights, scheduling trucks, and controlling pumps, values, and pipelines for delivery of fuel and liquid cargo to ships can be impacted. There are two factors increasing marine cyber risk: increasing control of computer systems and increasing networking of computers with each other and the internet.
For example WannaCry ransomware cyberattack is a classic cyber-attack that impacted global supply chain. Malware impacting a dynamic positioning system used in the offshore oil industry for precise navigation control. Malware on a crew member’s smart-phone which was plugged into an electronic chart system deleted or corrupted all charts, causing a two-day delay. In another incident, organized crime exploited a European container terminal’s tracking system for cargo, allow for use of the system in drug smuggling [5]
In the logistics industry, cyber security is more crucial to resilience and safety than to the protection of customer data. The vast quantities of data exchanged across networks to provide transport service in a supply chain leave the sector particularly vulnerable to cyber-attack.

“Cyber-attacks are the reality of today that can be defended only when everyone do its part to make the job of attacker ineffective.”


  1. James Scott, Sr. Fellow, Institute for Critical Infrastructure Technology
  2. IBM X-Force security research report entitled, “Security Trends in the Transportation Industry”