The transportation sector is facing an unprecedented wave of cyber threats, and reported cargo thefts are at an all-time high, making security more critical than ever. The Surface Transportation Information Sharing Analysis Center (ST-ISAC) recently published its 2024 Annual Report, highlighting several alarming trends that every industry professional should be aware of. From nation-state cyberattacks to cargo theft and sabotage trends, the risks to transportation networks are always evolving. The dynamic security environment necessitates that stakeholders remain informed and contribute to collaborative security efforts to effectively track and mitigate threats.
Ransomware on the Rise
Ransomware continues to be a pressing threat to the trucking and rail industry. The ST-ISAC observed a surge in attacks on rail, trucking, and logistics providers, leading to widespread disruptions. With Ransomware-as-a-Service (RaaS) models making attacks more accessible, we expect this trend to escalate.
Nation-State Cyber Warfare in Transportation
Nation-state actors continue to pose a significant threat to the transportation sector, leveraging cyberattacks to disrupt operations, gather intelligence, and destabilize critical infrastructure.
Notable threats from the report include:
🔴 Russia – The Russian hacking group Sandworm (APT44) breached U.S. infrastructure, targeting industrial control systems (ICS) critical to transportation operations.
🔵 China – Volt Typhoon, a China-linked cyber espionage group, was discovered infiltrating U.S. transportation networks for over five years, pre-positioning itself for potential operational disruptions.
⚫ North Korea – The Lazarus Group stole $1 billion in digital currencies to fund cyber operations, with growing concerns that proceeds may support attacks against global supply chains.
🟢 Iran – Iranian hackers expanded their cyber operations, targeting U.S. elections and critical transportation systems, raising concerns over geopolitical cyber threats to infrastructure stability.
These adversaries are continually advancing their malware capabilities and attack strategies, increasingly focusing on supply chain disruptions, operational technology (OT) vulnerabilities, and logistics sector intrusions.
Physical Threats: A Growing Concern in Transportation
While cyber threats are occurring at unprecedented rates, certain physical security risks, such as freight fraud and cargo theft, are also steadily increasing across the transportation sector. The 2024 ST-ISAC Annual Report highlights several key physical concerns:
🚨 Freight Theft & Cargo Fraud – Reported cargo thefts surged 27 percent in 2024, costing the industry an estimated $455 million. Organized crime groups are incorporating increasingly sophisticated tactics in their efforts to steal cargo, including creating fake carriers and using fraudulent motor carrier (MC) numbers to masquerade as legitimate companies.
🚧 Infrastructure Sabotage – Attacks against transit and supply chain infrastructure remain a significant concern. In 2024, Russian-linked threat actors attempted to disrupt U.S. military and critical infrastructure sites overseas, and unidentified perpetrators committed major rail sabotage in France during the 2024 Summer Olympics.
🛑 Mass Transit Safety & Crime – The ST ISAC reported on over 818 security incidents affecting public transit systems. These incidents included vandalism, sabotage, and attacks on transit passengers and operators, highlighting continued safety and security risks in transportation hubs. Additionally, terrorist organizations continue to view mass transit systems as high-value targets for mass casualty events.
🌪️ Weather & Climate-Related Disruptions – Natural disasters and inclement weather led to an estimated $3.5 billion in losses to the trucking industry in 2024, furthering a concerning trend of increased annual losses industry wide to weather- and climate-related incidents. Numerous wildfires, earthquakes, floods, and other significant weather events were recorded in 2024, and analysts provided members with up-to-date best practices for operating in these environments.
🗣️ Extremist Threats & Protests – Transportation hubs have increasingly become targets for protests, demonstrations, and politically motivated violence. Coordinated disruptions at transit stations and freight hubs caused significant disruption to transit operations in 2024 and are expected to persist into 2025.
With the convergence of cybersecurity and physical security, transportation organizations must be prepared for both digital and real-world threats to their operations.
Download the full ST-ISAC Annual Report here.
What the ST-ISAC Can Do for You
In 2024, the ST-ISAC provided members with 251 cyber and physical intelligence reports, giving members real-time insights into evolving sector-specific threats. By joining, you gain:
🚨 Real-Time Threat Alerts – Stay informed on existing cyber and physical security threats and receive daily updates detailing protection and mitigation techniques
🤝 Industry Collaboration – ST-ISAC analysts collaborate with industry and government professionals at all levels to provide stakeholders with sector-specific intelligence on existing and emerging security trends
📚 Best Practices & Resources – Gain access the latest sector-specific best practices
The Future: Strengthening Transportation Security
With cyber and physical threats increasing in scale and sophistication, transportation organizations must act now. The ST-ISAC can help—offering intelligence, collaboration, and support to mitigate threats since 2002.
🔒 Protect your organization. Stay informed. Join the ST-ISAC today.
👉 Learn more at www.st-isac.com or email [email protected] for additional information.