On 1 October, ENISA published its annual Threat Landscape Report, confirming that transport remains one of the EU’s most targeted sectors, with logistics and maritime singled out as priority interests for adversaries. Between July 2024 and June 2025, 7.5% of all incidents in the EU were directed against transport infrastructure.
Key findings relevant to ports and terminals include:
- Transport under sustained pressure: Logistics is the second most impacted subsector after aviation, with maritime explicitly flagged as a priority for attackers.
- DDoS and ransomware dominate: Nearly 88% of incidents were hacktivist-driven DDoS attacks, often timed with political events. Ransomware, though less frequent, remains the most damaging in terms of downtime and costs.
- State-linked campaigns: China-nexus actors show strategic interest in maritime and logistics, while Russian-aligned groups have targeted European transport infrastructure.
- Entry points: Phishing (≈60%) and rapid exploitation of vulnerabilities (≈21%) remain the main vectors. OT/ICS systems — cranes, yard management, and energy facilities — are increasingly affected.
- Regulatory backdrop: New frameworks (NIS2, Cyber Resilience Act, Cyber Solidarity Act) will require tested recovery plans, supplier risk management, and stronger IT/OT segmentation.
For private terminal operators, these findings underline that cyber resilience is now a structural element of competitiveness and continuity, not just an IT matter. Ports risk disruption of gate systems, booking portals, and intermodal flows if cyber defence is not prioritised.
FEPORT members see in this report a timely reminder that the upcoming EU Ports Strategy must treat digital resilience on a par with sustainability and connectivity. Investments in OPS, electrification, and dual-use capacity will only deliver their full value if they are secure. Measures to incentivise cyber investments — including through a dedicated State aid framework — will be essential to protect trade flows and Europe’s strategic autonomy.
