Intruders attempt to psychologically manipulate employees and contractors to obtain confidential information.
Public transportation offices are witnessing a surge in social engineering cyberattacks, where intruders attempt to psychologically manipulate employees and contractors to gain confidential information. During a roundtable at the annual Transportation Research Board meeting on January 8, experts shared examples of these sophisticated attacks.
The Port Authority of New York and New Jersey has been particularly susceptible, with cybercriminals exploiting the “human fallibilities and vulnerabilities” of its employees, according to Josh DeFlorio, Chief of Resilience and Sustainability at the Port Authority.
In social engineering cyberattacks, digital criminals leverage their social skills to engage with specific organizational staff, aiming to obtain confidential information or access their computer systems. Jennifer DeBruhl from the Department of Rail and Public Transportation in Virginia recounted a successful attack that led to a statewide system outage lasting six months.
Cordell Schachter, Chief Information Officer of the United States Department of Transportation (USDOT), emphasized the importance of preventive measures, such as multi-factor authentication and system segmentation. He recommended a cybersecurity self-assessment and contacting the FBI or the Cybersecurity and Infrastructure Security Agency (CISA) in case of an attack. “Everyone should undergo a cybersecurity self-assessment to help us understand our current risks and report our plans to remedy them,” stated Schachter.
The US DOT combats these threats through monthly phishing tests for employees, reducing the click-through rate from 20% to 4%. Schachter underscored the immediate replacement of default passwords and basic cyber hygiene practices.
Effective strategies include flagging internal emails with red banners and integrating cybersecurity into the DOT’s strategic plan. Furthermore, the DOT collaborates with the Department of Homeland Security on risk management for the transportation systems sector to safeguard the national transportation network from cyberattacks. CISA provides online resources to counteract these threats.
U.S.-Mexico cross-border transportation controversies
In recent years, US companies establish operations in Mexico to hire drivers with B-1 visas In recent years, a phenomenon has been observed in the
Automatic emergency braking implementation: advancements and challenges
The USDOT continues to advance the implementation of AEB technology, while owner-operators express concerns The U.S. Department of Transportation continues to advance the implementation of
Briefs: truckers challenge parking laws, speed limits, and safety regulations
Truckers sue Palm Beach County, California introduce smart speed laws, Colorado in commercial vehicle bill Truckers sue Palm Beach County, Florida over parking fines in
Why don’t drivers want to buy electric vehicles?
7 reasons why consumers put limitations on EV purchases The popularity of electric vehicles (EVs) has experienced a significant increase in recent years, driven by
Pre-purchase strategies for Class 8 trucks
The recently announced EPA emissions regulations are expected to increase the cost of trucks by approximately $30,000 The recently announced EPA emissions regulations are having
Driving distraction: trends, challenges, and solutions
Transportation companies should enforce stricter policies regarding mobile phone use while driving April marks Distracted Driving Awareness Month, a phenomenon that remains a persistent concern
One Response