Llame al (888) 572-7520 para hablar con un agente

Intruders attempt to psychologically manipulate employees and contractors to obtain confidential information.

Public transportation offices are witnessing a surge in social engineering cyberattacks, where intruders attempt to psychologically manipulate employees and contractors to gain confidential information. During a roundtable at the annual Transportation Research Board meeting on January 8, experts shared examples of these sophisticated attacks.

The Port Authority of New York and New Jersey has been particularly susceptible, with cybercriminals exploiting the “human fallibilities and vulnerabilities” of its employees, according to Josh DeFlorio, Chief of Resilience and Sustainability at the Port Authority.

In social engineering cyberattacks, digital criminals leverage their social skills to engage with specific organizational staff, aiming to obtain confidential information or access their computer systems. Jennifer DeBruhl from the Department of Rail and Public Transportation in Virginia recounted a successful attack that led to a statewide system outage lasting six months.

Cordell Schachter, Chief Information Officer of the United States Department of Transportation (USDOT), emphasized the importance of preventive measures, such as multi-factor authentication and system segmentation. He recommended a cybersecurity self-assessment and contacting the FBI or the Cybersecurity and Infrastructure Security Agency (CISA) in case of an attack. “Everyone should undergo a cybersecurity self-assessment to help us understand our current risks and report our plans to remedy them,” stated Schachter.

En la imagen se muestran dos personas con expresión de enfado, frente a una computadora que indica un ciber ataque

The US DOT combats these threats through monthly phishing tests for employees, reducing the click-through rate from 20% to 4%. Schachter underscored the immediate replacement of default passwords and basic cyber hygiene practices.

Effective strategies include flagging internal emails with red banners and integrating cybersecurity into the DOT’s strategic plan. Furthermore, the DOT collaborates with the Department of Homeland Security on risk management for the transportation systems sector to safeguard the national transportation network from cyberattacks. CISA provides online resources to counteract these threats. 


One Response

Leave a Reply

Your email address will not be published. Required fields are marked *

Business hours: Monday to Friday from 8:00 AM to 5:00 PM. California time
Leave your number and a member of our company will contact you
Horario de atención: Lunes a viernes de 8.00 AM a 5.00 PM. Hora california

Deje su número y un miembro de nuestra empresa se pondrá en contacto con usted