Another year of declines
12 March 2024
Awareness of the Polish flag
9 May 2024
According to the Cyber Peace Institute, there were 69 cyber attacks on the Polish transport sector in 2023, representing more than 10% of the total number of cyber attacks worldwide! Lithuania, which transport sector has been attacked 66 times, is in 2nd place, followed only by Ukraine, where 29 such incidents have been officially recorded. Organised crime groups originating from Russia are the most active, with the highest concentration of cyber attacks occurring in Central, Northern and Eastern Europe.
– It should be made clear that enemies and criminals are already working on ways to break into the IT systems of companies in this sector and are probably already inside many of them and are only waiting for the opportunity to launch an active attack phase. We can tell from our previous experience. Therefore, the level of cyber security is inadequate by default and more investment is needed in the protection and building cyber resilience of such an important sector – said Valery Tsiupa, senior consultant corporate affairs of ISSP Holdings Inc, branch in Kiev.
US-based SECNAP Network Security estimates that the total amount of damage caused by ransomware worldwide was more than $300 million in 2015. By 2017, it had risen to $5 billion, and by 2021 it was already $20 billion. This is despite the fact that spending on cyber security has increased significantly. They currently stand at around $150 billion and will reach $265 billion by 2031. Malware creators are constantly creating new generations of solutions that are increasingly difficult to detect. This forces cyber security providers to constantly stay ahead of threats. Also in the maritime and transport sector.
– There were 2 break-ins in 2021 at a major Japanese shipping company in the same year. It took 10 days to stop and restore operation. In June of the same year, a South Korean shipping company was hacked. A few months later, a large container shipping company lost all its customer data. In November 2021, transport companies from Singapore and Greece lost confidential information, including their customers’ proprietary data – says Sameer Bhalotra, CEO of cyber security company ActZero.
The dilution of the boundaries between physical security and cyber security is also a challenge for organisations around the world. Both these matters affect themselves. This is because a breach of security in one area can have direct consequences in another.
Thus, for example, in mid-December last year, Ukraine’s largest telecoms operator Kyivstar fell victim to a cyber-attack that deprived its subscribers, a total of more than 24 million people, of connectivity and internet and the ability to pay by card. According to the SBU, the incident was allegedly claimed by one of the groups linked to the Russian military intelligence service GRU. At the same time, PrivatBank, which is Ukraine’s largest commercial bank, reported that its branches and terminals had been disrupted due to cyber activity, with Monobank representatives stating that their institution had been the target of a “massive DDoS attack” (which aims to block access to a server or service by flooding it with a large number of false requests).
Then again, Ukraine often falls prey to Russian hackers and the physical consequences were felt by the population especially during the cyber attacks by the Sandworm group targeting the energy infrastructure in 2015-2016, which resulted in blackouts in large parts of the country, even lasting for days at a time.
The US action against uranium enrichment facilities in Iran is also an example of this. The Stuxnet virus remotely damaged around 2000 rotors at the Natanz site in late 2009 and early 2010, out of a total of 8700 pieces of equipment operating there.
DNV, on the other hand, highlights the consequences of cyber attacks on the wind energy sector in its “Energy Transition Outlook” report. It mentions, among other things, cyber attacks on Enecron, a wind turbine manufacturer in Germany, as a result of a large-scale disruption of Viasat satellite links. The attack took place in February 2022, at the time of the Russian aggression against Ukraine, and resulted in the company losing its ability to remotely control and monitor 5800 turbines. In contrast, Nordex, another German wind turbine manufacturer, fell victim to a ransomware attack last March. Its IT system was blocked, but the turbines remained intact.
EU Directive NIS2, which came into force on 16 January 2023, is intended to counter cyber incidents, and should be implemented in the Polish legal system by 17 October 2024. The document is intended to be the basis for the operation of cyber security systems in the EU space, including seaports, navigation, the TSL sector, offshore wind and the shipbuilding industry. Indeed, NIS2 identified the sectors of the economy that are to be considered crucial to the security of countries and are therefore to be the most protected. These covered transport (water, land and air), including ports and logistics, energy (including offshore wind) or public administration (including maritime administration). In contrast, industry, which includes shipyards, was important in the entities sector.
In addition, according to NIS2, it is of utmost importance for the security of companies in sectors identified as critical and important to control the supply chain and “take into account the risks arising from the entity’s relationships with third parties, such as data storage and processing service providers, security service providers and software providers”. In these regulations, the European Union emphasises “supply chain security, including the security aspects of the relationship between each operator and its immediate suppliers of products or services”.
Article developed with Namiary na Morze i Handel magazine
phot. Namiary na Morze i Handel magazine
