On the Move: Cyber Attacks on the Transportation Systems

  • March 27, 2019
Reading Time: 3 minutes

Everything is on the move. People. Agriculture. Water. Power. Materials ranging from home goods to hazardous waste all flow through a massively complex, public/private, interconnected – and increasingly automated – hive of vehicles and transport systems.

According to the Department of Homeland Security:

  • More than 19,000 airports with 780,000 commercial flights a month
  • 361 ports and 95,000 miles of coastline
  • Billions of passenger trips on mass transit (buses, subway, commuter, etc.) annually
  • Four million miles of roadway with 600,000 bridges and 400 tunnels

Via plane, train, or automobile, the transportation sector supports nearly 10 percent of the U.S. GDP and transports nearly 20 billion tons in goods annually. Over the past couple of years, the industry has grown in complexity in logistical chains, production, facility and manufacturing partners, and plant management operations.

As a result of such growth, the industry has shifted to more automated processes, turning paper documents into digital formats, and using advanced analytics to address customer needs. Those efforts have placed more transportation systems online. With the expansion of the transportation industry into the digital domain, it has become even more alluring and accessible to cybercriminals.

Historical transportation cyber attacks

  • Maersk: Peyta malware variant infected the IT systems of the world’s largest shipping company with 600 container vessels handling 15% of the world’s seaborne trade in June 2017.
  • LOT: A Polish airline canceled 10 flights due to an attack against the airline’s ground computer systems at Warsaw’s Okecie airport in June 2015.
  • Jeep Cherokee: A coordinated attack in 2015 by Charlie Miller and Chris Valasek demonstrated the ease by which a connected car can be remotely hacked into, in this case, using Uconnect.

While many transportation companies understand the importance of keeping data and passengers safe and secure, a few companies have experienced the detrimental effects of an attack similar to other industries like the financial sector and healthcare.

From ransomware attacks to data breaches, the transportation sector is not immune to malicious hackers. While the industry has been thought of as “less vulnerable,” it also means the industry could be next in line for hackers to target. This is especially true now that automobiles and transit systems are becoming increasingly more connected via IoT, or the Internet of Things. Many cars now come with their own WiFi hotspot, public transportation utilizes apps to help you get around, and specialty lanes on the highway use the internet to charge for driving in things like the express lane.

Unauthorized users know that such “untapped” industries are indeed at risk because they haven’t been attacked yet, leading industry professionals to believe their systems are secure and not defenseless. A system may appear to be secure, but until the first oversight or staffing shortfall impacts security, it’s hard to be 100% certain. The transportation industry is new territory that can be easily exploited if persistent cyber learning, procedures and processes are not put in place.

Since most transportation organizations keep cybersecurity responsibilities in-house, building a culture of awareness within the organization that prioritizes education, skill-building, and continual awareness, is crucial to staying on top of threats. Transportation industry cyber teams and CISOs would do well to be proactive in their cybersecurity efforts instead of hoping their systems are secure from hackers. Hope isn’t a strategy.

So, what is the best strategy? Continuous learning that upskills your cyber teams. It can and should be a part of the transportation sector’s cyber readiness efforts to constantly improve their posture. Because, as we know, the only constant in cybersecurity is change. The transportation industry is dynamic and evolving, just like cyber threats. Cybersecurity is the responsibility of everyone, not just those in IT. All need to take ownership of how they contribute to the security of the company.

Failure to provide responsible oversight will not only impact everyone personally employed in the company, but it will have a ripple effect that extends out to the great social, political, and economic groups that depend on transportation.

Transportation’s reach and integration with so many other industries require and demand a stronger cybersecurity arm. To start strengthening the sector, we’ve prepared four strategies to form an elite cyber team. Without a strong cyber team in place, the newest technologies and tools will only go as far as the skill sets and knowledge base of your cyber team.