Transport Sector
15 articles covering transport OT/ICS security
Maritime Port and Shipping OT Cybersecurity: IMO Compliance and Sector Threats 2026
Cyberattacks targeting maritime infrastructure surged 103% in 2025. This briefing covers port OT architecture, threat actors, attack vectors against vessel control systems and terminal management, and the IMO and IACS regulatory requirements now in force.
Modbus Protocol Security: Attack Surface, Exploitation, and OT Network Hardening
Modbus is the most widely deployed industrial protocol in the world — and one of the least secure. This guide covers the Modbus attack surface, documented exploitation techniques used against OT environments, and practical hardening measures for energy, water, and manufacturing defenders.
Securing OT Remote Access: VPN, ZTNA, and Jump Server Architecture for Industrial Networks
Remote access to operational technology environments expanded dramatically during 2020-2022 and was never fully locked down. This guide covers the specific risks of each remote access pattern — vendor VPNs, site VPNs, jump servers, and ZTNA — and the hardening steps that reduce the attack surface without breaking the maintenance workflows OT teams depend on.
Railway and Transport SCADA Cybersecurity: Attack Surfaces, Nation-State Threats, and TSA Directives
Railway and mass transit systems operate a complex mix of operational technology — signalling, SCADA, ETCS, and passenger information systems — across environments that were designed for availability and safety, not cyber resilience. This briefing covers the attack surface, documented threat actor targeting, and current regulatory requirements under TSA's rail cybersecurity directives.
ICS Patch Tuesday June 2026: Critical Vulnerabilities in Siemens, Honeywell, and Mitsubishi Electric Products
The June 2026 ICS Patch Tuesday cycle brings critical and high-severity advisories affecting Siemens industrial networks, Honeywell building and process control systems, and Mitsubishi Electric PLCs. OT security teams should prioritise triage and remediation planning for affected assets.
CISA Advisory: Automatic Tank Gauge Systems Under Active Attack — What OT Operators Need to Do Now
CISA, FBI, NSA, and five other US federal agencies issued a joint advisory in June 2026 warning of active malicious cyber activity targeting internet-exposed automatic tank gauge (ATG) systems across the energy, water, transportation, and critical infrastructure sectors. Attackers are exploiting authentication bypass and command execution flaws to modify pump controls and disable safety alerts.
Maritime OT Security 2026: ECDIS Vulnerabilities, AIS Spoofing, and the Threat to Port Systems
Maritime operational technology spans navigation systems, ship management platforms, and port infrastructure — all increasingly networked, poorly patched, and targeted by both state and criminal actors. This sector briefing covers the current maritime threat landscape, key vulnerability classes in ECDIS and AIS, GPS/GNSS spoofing in contested regions, and the IMO and DNV frameworks guiding the sector's security response.
CISA's Zero Trust Roadmap for OT: What the April 2026 Joint Guidance Means for Industrial Operators
CISA's April 2026 joint guidance 'Adapting Zero Trust Principles to Operational Technology' lays out a practical roadmap for applying zero trust in environments where the standard IT playbook doesn't work — legacy protocols, uptime requirements, and safety constraints included.
Siemens May 2026 ICS Patch Tuesday: Device Takeover in Sentron Energy Meters, Root RCE in Ruggedcom, and 300+ Third-Party Flaws in CN4100
Siemens published 18 security advisories in May 2026's ICS Patch Tuesday, with critical findings in the Sentron 7KT PAC1261 energy data manager, Ruggedcom Rox, Simatic CN4100, and Opcenter RDnL manufacturing platform. This roundup covers the highest-impact advisories with operational guidance for affected sectors.
CISA ICS Advisory Roundup: Kaleris Navis N4, Delta Electronics CNCSoft, and ABB EIBPORT (May 2026)
CISA released eight ICS advisories and one medical device advisory on May 28, 2026, covering critical vulnerabilities in transportation management, CNC motion control, and industrial building automation systems. This analysis covers the highest-impact advisories and operational guidance for affected organisations.
CISA CI Fortify: What the New OT Isolation Guidance Means for Operational Technology Operators
CISA's CI Fortify initiative moves beyond standard patching guidance to address a harder problem: how critical infrastructure OT environments maintain operational continuity when internet, cloud, and telecom connectivity is severed during a geopolitical cyber crisis.
IEC 62443: The OT Security Standard Your Procurement Team Needs to Understand
IEC 62443 is the international standard series for industrial cybersecurity. This explainer covers the structure of the standard, what Security Levels mean in practice, the zones and conduits model, and how to reference 62443 in vendor contracts to actually improve your security posture.
Four-Faith Routers Under Active Attack, Iranian Threat Actors Hit US Fuel Systems
Mass exploitation of two vulnerabilities in Four-Faith industrial routers began May 12 with 139 attacking IPs observed against 15,800 exposed devices. Meanwhile, Iranian-linked threat actors continue automated attacks against Automatic Tank Gauge systems at US petrol stations.
OT Threat Landscape 2026: New Dragos Groups, Shrinking Exploit Windows, and the Visibility Crisis
Dragos's 2026 OT cybersecurity year-in-review identifies 26 threat groups specifically targeting operational technology -- including three newly tracked groups -- as exploit timelines compress to 24 days and fewer than one in ten OT networks have active monitoring. A practical analysis for OT security practitioners.
NIS2 OT Compliance: What the 2026 Enforcement Wave Means for Industrial Operators
EU member states are now issuing the first formal NIS2 enforcement actions against operators of essential services. Industrial operators — energy utilities, water authorities, manufacturing firms, and transport operators — face binding cybersecurity obligations, supply chain security requirements, and 24-hour incident reporting duties that the prior NIS1 regime did not meaningfully enforce. What actually changed and what OT teams need to do.