Transportation

(0) attackers < Back

Understanding the cyber threat:

In the age of automation and networking, recent years have seen an overwhelming increase in cyber attacks against the transport industry. As a result of the proliferation of attackers and their modus operandi, IT systems are often too vulnerable. As a result, attackers are finding more and more entry points into increasingly vulnerable systems. In addition, in 2020, a number of global events have favoured attacks against this sector of activity, such as the COVID-19 pandemic. Indeed, in this period of coronavirus, attacking those in the second line unfortunately makes sense for malicious individuals. The transport and logistics sector fulfils vital missions and therefore needs more than ever to have fully operational information systems. It is important to know that the transport sector is made up of six sub-sectors: public transport and passenger rail, pipeline systems, road and highway transport, the maritime transport system, rail freight, and postal and maritime transport. The vitality of the sector’s interconnectedness and global presence makes it a tempting target for hackers.

​In the rail industry, traditional wirebased train control and management systems (TCMS), which had only limited communication with external systems, are giving way to wireless standards like GSMRailway, a relatively broad network linking trains to railway regulation control centers. As is the case for all mobility providers these days, T&L companies use vehicle infotainment services and other equipment that add another layer of internet-connected communications. 

In every segment of the transportation industry, the widened cyber-attack surface is evident. For instance, among maritime companies, relatively simple distressand-safety systems have been replaced by full-fledged, cloud-based, local area networks, like the International Maritime Organization’s (IMO) e-navigation program. These networks are a tempting target for hackers because they collect, integrate, and analyze on-board information continuously to track ships’ locations, cargo details, maintenance issues, and a host of oceanic environmental considerations.

The fallout from cyber attacks can sometimes be felt by organizations for many months. In addition to service interruptions, cybercrime can also impact daily operations and result in the exposure of sensitive data.

• Below are sample impacts of cyber attacks in the transportation sector:

• Disruption to traffic lights, toll booths and electronic traffic signs

• Interruption of ticket machines and fare gates

• Blocked access to important files and data

• Theft of sensitive information from emails

• Interruption of payroll services

• Theft of personally identifiable information (“PII”).

• Blocked access to computer systems, resulting in employees using personal devices for work.

​Transportation is the tenth most costly industry for experiencing a data breach. On average, breaches cost transit companies $3.58 million per incident and take 275 days to contain. As cyberattacks on the sector grow increasingly common, these figures could grow, leading to incredible losses.

Example of devastating attack: in early May 2021, the Colonial Pipeline suffered a ransomware attack that forced it to shut down its entire network to prevent the malware from spreading.

 

Example of devastating attack: in early May 2021, the Colonial Pipeline suffered a ransomware attack that forced it to shut down its entire network to prevent the malware from spreading.