The cyber threat against Danish ports and logistics companies

This threat assessment outlines the cyber threat against ports and logistics companies in Denmark. The assessment is based on analyses of Danish and international examples of cyber attack incidents against ports and logistics companies and on knowledge about the capability and intent of threat actors. The threat assessment has also been prepared on the basis of conversations with multiple port authorities and logistics companies in Denmark.

The greatest threats to ports and logistics companies in Denmark are cyber espionage and cyber crime. Cyber espionage, in particular, poses a serious threat as ports and logistics companies have access to critical information, not just vital to the functioning of society but also to the Danish military. As a result, foreign states may thus obtain unauthorized access to information of importance to the security of Denmark.

In addition, cyber crime poses a serious threat to ports and logistics companies in Denmark. Ransomware constitutes the most serious threat as ransomware attacks are among the most common types of cyber attack used against critical societal sectors. Also, a ransomware attack may have serious economic repercussions for Danish ports and logistics companies, and could in a worst-case scenario disrupt the delivery of critical services.

The threat assessment covers all commercial ports in Denmark regardless of ownership. Marinas and yacht harbours are not covered in this assessment. Logistics companies are companies whose core business is transport of goods and cargo for clients. This assessment does not deal with the threat against concrete means of transportation i.e. airplanes, trains and truck. It only covers the threat against logistics companies and their systems. The maritime sector will not be dealt with in this threat assessment, as the Danish maritime sector is considered as a separate sector by the Danish authorities.

This assessment is based on the current threat landscape and operates with a warning horizon of up to two years. As cyber threats are dynamic, the threat landscape can quickly change.