Transit Hubs at Risk for Cyberattacks

As we have covered before, automotive cybersecurity is increasingly important. While witnessing the rapid expansion of connective tech driving the industry forward, we are also experiencing a rapid expansion of the cyber threat landscape that could potentially set the industry back. And as a report covered in TechHQ warns, automakers are falling behind in matching the pace of their cyber practices with the pace of their evolving line of work. Considering that Trend Micro Incorporated estimated that 125 million passenger cars with embedded connectivity consisting of features like cloud, Internet of Things and 5G are predicted to eventually hit the market, it is crucial that they prioritize implementing protective measures.

Regulations Seek to Organize Cybersecurity Reporting for Sectors such as Transportation

On top of automakers putting cybersecurity plans into place, it is important that they have regulations as guides to turn to as well. Such structure helps to maintain consistency across the field. So far there have been regulatory efforts carried out in places like the European Union, Japan and South Korea, which have adopted WP.29 regulations (find more information about regulations in our post, “Regulating Cybersecurity in the Automotive Industry”). The U.S. has also been working on its own stipulations. In March, President Biden signed the Consolidated Appropriations Act, 2022. Within that act is a bill titled “The Cyber Incident Reporting for Critical Infrastructure Act of 2022.” The bill outlines specifications around the timeframe an entity has to report a cybersecurity incident, the details that must be included when reporting an attempted or successful breach, requirements that must be met in the case that the breach includes a ransom payment and the ramifications if an entity fails to comply with these rules.

As reflected in its name, “The Cyber Incident Reporting for Critical Infrastructure Act of 2022” focuses on providing instructions designed for critical infrastructure sectors. One of the main reasons for this concentration is that a cyberattack on one or more of these sectors has the potential to be extremely detrimental. Cybersecurity experts have been on especially high alert regarding critical infrastructure with the mounting concern over the immense threat that Russia’s activities pose. Included in their concerns is the safety of transportation systems, which are, of course, a significant element of critical infrastructure. Alex Daugherty wrote for Politico, “Every sector is vulnerable to cyber attacks from Russia, but experts worry that interconnected rail lines and transit systems will be prime targets.” Also in March, the TSA, influenced by these growing risks, published voluntary guidelines for freight, passenger rail and transit systems to strengthen cyber approaches. This effort followed a previous directive released in 2021, which urged operators of “higher-risk” freight and passenger rail lines to assign a cybersecurity coordinator role, report cyber instances to the CISA within 24 hours, run cybersecurity audits and form proper response plans.

Threats and Attacks Impacting Transportation Systems Emphasize the Need for Enhanced Cybersecurity

While current threats such as Russia are certainly pushing this emphasis on cybersecurity, the transportation industry also has actual events to look to as examples of the real challenge cyberattacks can create. According to Cybersecurity Dive, “A 2022 report from the National Academy of Sciences cited three cyberattacks on North American public transit systems attributed to foreign states or state-based actors.” In April of 2021, an attack on the New York City Metropolitan Transportation Authority was attributed to China-based actors. Additionally, there was a May 2020 attack on the Colorado Department of Transportation linked back to Iran. In December, officials in Honolulu speculated that a breach on the city transportation services network, which disrupted services for TheBus, TheHandi-Van, TheBus app and its HOLO card system, was carried out by hackers connected to Russia.

Another case in Toronto also served as an example of the vulnerabilities that transportation systems face. TechCrunch reported that back in October, the Toronto Transit Commission confirmed that a ransomware attack had potentially exposed tens of thousands of employees’ information. Plus, the attack caused issues with vehicle tracking and “next bus” systems and the online Wheel-Trans booking system, per the organization’s chief executive’s explanation.

It isn’t just the rail industry that is going through the build-up of such concerns. Airlines are having to expand their understanding of what cybersecurity incorporates too. A major concern that they are presented with is the security of passenger service systems. These systems help to run a number of functions like “airline reservation system, airline inventory system, departure control system, Internet booking engine, loyalty solutions, customer care solutions, airport management consulting, and ancillary services, “based on a summary from Transparency Market Research. Because they rely heavily on IT, these systems are yet another target that cybercriminals may be interested in. Since the market for passenger service systems are expected to grow across locations including North America, Europe and Asia, it is likely that they will join the list alongside connected cars and vulnerable rail systems in the trends defining the cyber risks impacting transit hubs.

Sources:

 

 

 

Share

Table of Contents

See Our Blog Posts

Enter Your Information to Access This White Paper

Enter Your Information to Access This White Paper

Enter Your Information to Access This White Paper

Enter Your Information to Access This White Paper

Enter Your Information to Access This Datasheet

Enter Your Information to Access This Datasheet