This spotlight delivers an overview of the latest cyber risks impacting the sector generally, including recent incidents and emerging threat vectors. We also highlight our insurance solutions that can address the cyber vulnerabilities faced by land transportation organisations. Read more from our insights to help enhance your organisation’s cyber risk management approach.
What cyber incidents have we seen from the transportation industry?
On July 19, cyber security company CrowdStrike released a flawed software update to Falcon Sensor, their vulnerability scanner that detects system intrusions and hacking attempts. The update disrupted 8.5 million computers worldwide that used the Windows operating system. In a statement issued by the UK’s National Rail, they said that train operators including Govia companies Southern, Thameslink, Great Northern and Gatwick Express were unable to access driver diagrams at certain locations, leading to train cancellations, and that other key systems including real-time customer information platforms were also affected. C2C and Hull Trains reported issues with vending machines and also ongoing issues with its apps, whilst Northern and Merseyrail both reported faulty displays of information systems.
According to a survey by Bridewell of 521 staff responsible for cyber security at UK CNI organisations, nearly 60% of businesses in the rail sector and 44% of those in the road sector had been on the receiving end of a ransomware attack in the preceding 12 months. 45% of road and 35% of rail organisations suffered operational disruption as a consequence. The average response time among rail organisations was 7.24 hours, but that doubled to 14.38 hours among road organisations, the latter of whom took an average of 19.56 hours to respond to nation-state ransomware attacks.
TfL, which runs most of London’s transport network, said on 2 September 2024 that it had undertaken immediate action to prevent any further access to its systems and was working closely with the relevant government agencies, including the National Crime Agency and the National Cyber Security Centre. TfL said it had found no evidence that any customer data had been compromised.