Raising Awareness About Cyber Risks in Transportation Industry
Taking control of a plane or display panels in train stations, cyberattacks targeting information systems, personal and banking data thefts… A long but non-exhaustive list of cyberattacks in transportation industry.
Threats state of play in a Sensitive Sector
Malicious intrusions attempts in airlines’ information systems are common. For example, British Airways suffered several large-scale cyberattacks during 2018 summer. At the end 429 000 clients’ personal and financial data have been hacked, through Bristish Airways’ mobile app and website. The infection technique used? A Trojan horse called Magecart, specialised in banking data interception. Only 22 code lines injected in web servers’ files were necessary to attack a major company like British Airways…
Another example is the Warsaw airport cyberattack in June 2015. The information system, which generate flights plans and their display on panels, has been attacked through LOT airline. This cyberattack caused tens of flights cancellation and delays, with 1 400 passengers blocked in the airport. We can easily imagine the extent of human and financial consequences if this cyberattack would have targeted one of the most visited airports in the world such as Atlanta, Beijing, Heathrow or Paris Charles-de-Gaulle.
The rail transport is also targeted. For example, in 2017 the German railway company (The Deutsche Bahn) has been infected by WannaCry ransomware , crippling every train station in the country. WannaCry ransom messages were showed on display panels.
Those different cyberattacks in airline and rail transport sectors have awoken awareness. Cyber threat must be taken seriously and cyberattacks must be anticipated.
How to choose your detection system?
You'll find all the information you need in our products comparative grid.
Prevent hackers’ entry points diversification
Attacks being more frequent, digitalisation being more and more present in each step of users’ journey, human and financial consequences, convinced the decision-makers in this sensitive sector on the significance of an efficient protection against cyberthreats.
Yet public and private firms on this sector are in fact under-equipped with cyberattacks’ efficient detection methods. Indeed hackers use innovative techniques to interfere in information systems. As incredible as it sounds, it is possible for hackers to connect an USB drive to a A380 plane or even enter the information system of a plane in flight through radiofrequencies.
So it is essential to secure all the terminals, whether it is the ones in contact with customers (withdrawal tickets terminals) but above all information systems. The difficulty is to prevent attacks, which have never occurred (called zero-days). Big companies in the transportation industry have not the data to anticipated cyberthreats, without the help of companies expert in APTs (Advanced Persistent Threats) detection.