The cyber threat against land and air transport

The transport sector is vital to the functioning and stability of Danish society. This assessment is intended to inform decision-makers within the transport sector of the cyber threat in order to improve the sector’s cyber resilience. For instance, it can be used in the risk assessment efforts of the sector in connection with the national strategy for cyber and information security.

Key assessment:

The threat from cyber crime against the Danish transport sector is VERY HIGH. Cyber crime aimed at extorting money from private companies and public authorities pose a particular threat. Cyber crime may, at worst, disrupt operations in the transport sector and potentially undermine client trust.

The threat from cyber espionage is VERY HIGH. Cyber espionage is mainly aimed at organizations within the aviation sector and ports. The threat of cyber espionage against the Danish railway sector is only HIGH.

The threat from cyber activism against Denmark has been raised from LOW to MEDIUM. The CFCS has raised the threat level in response to the cyber activist attacks against European NATO countries triggered by the war in Ukraine. It is possible that pro-Russian hackers, in particular, will attack targets in Denmark, including targets in the transport sector.

The threat from destructive cyber attacks against the Danish transport sector is LOW. However, the Danish transport sector can potentially be affected by
destructive cyber attacks abroad.

The threat from cyber terrorism is NONE. Cyber terrorism presupposes technical skills and organizational resources that militant extremists do not possess at this point. Also, their intent to conduct cyber terrorism is limited

Revision history:

This assessment was first updated in June 2020 with adjustments to the chapters on cyber activism and cyber terrorism and designation of a threat level for destructive cyber attacks reflecting the adjusted threat levels in the 2020 annual national threat assessment “The cyber threat against Denmark”. The other chapters remain unchanged.

This threat assessment was updated again in September 2021 with adjustments to the chapter on cyber espionage. The threat level for cyber espionage was raised to VERY HIGH. The other chapters remain unchanged.

The assessment was updated in June 2022 with adjustments to the chapter on the threat of cyber activism following the increase in threat level for cyber activism against Denmark from LOW to MEDIUM, published 18 May 2022. The other chapters remain unchanged.

The most recent update was made in March 2023 with an added note to reflect that CFCS raised the threat level for cyber activism from MEDIUM to HIGH. The rest of the threat assessment remain unchanged.