Escalating Ransomware and Phishing Threats Demand Reinforced Cyber Defences for Transport

Published 27 August 2024

Almost six in ten (59%) businesses in the rail sector and 44% of road organisations have admitted to being on the receiving end of a ransomware attack in the past 12 months.

This is according to our latest CNI research, which has surveyed 521 staff responsible for cyber security at UK critical national infrastructure (CNI) organisations, encompassing civil aviation, energy, transport, finance and central government. 

Download 'Cyber Security in Transport: 2024'

The Dual Attack Threat

Ransomware attacks have significant implications for the transport industry. Organisations that fail to deal effectively with these threats jeopardise road transportation of essential goods and services, while impacting on crucial rail operations, putting travellers at risk. 45% of road and 35% of rail organisations have suffered operational disruption as a consequence. 

In addition to the growing ransomware threat, phishing attacks are also widespread, averaging 14 incidents per year for rail and as many as 21 for road. The dual threat is putting immense pressure on the industry to enhance its cyber defences and response strategies.  

Delayed Response 

Given these significant consequences, the sector is struggling to react quickly to cyber incidents and mitigate the damage they cause. With ransomware attacks, the average response time in rail is 7.24 hours, but this doubles to 14.38 hours in road transport. Road organisations take an average of 19.56 hours to respond to nation-state attacks, which continue to escalate as Russian, Chinese, Iranian and North Korean-affiliated threat actors escalate their efforts, particularly in the wake of the Russia-Ukraine and Israel-Palestine conflicts.  

Future-proofing Financial Services

Despite these concerns, transport organisations are actively enhancing their cyber security measures. 97% of rail and 88% of road organisations are already leveraging AI-driven tools, including chatbots and AI assistants. Furthermore, 62% of rail organisations and 56% of road transport organisations expect to spend more on IT security than last year. 

“The road and rail sectors are critical to the effective functioning of economies and wider societies. But ransomware and phishing attacks are having a detrimental impact, and lengthy response times are only adding to the damage caused. With nation-state attacks also posing a significant threat, the sector must fortify its cyber defences with incident response and reporting, defined risk management practices, regular audits and training programmes to futureproof its operations. It’s promising that the sector is already adopting AI-driven solutions and planning to invest more in cyber security in order to do so."
Anthony Young, CEO, Bridewell