START-ENGINEERING.COM
8
Going Airborne
Hackers are increasingly targeting airlines, with a significant rise in at-
tacks between 2019 and 2020. During this period, attacks increased by 530
percent, with ransomware attacks occurring on a weekly basis. The majority
of these attacks, carried out by pro-Russia groups, have primarily resulted
in computer outages through distributed denial of service (DDoS) attacks.
By disrupting internet connections, hackers cause terrible delays, with all
the impact on business and personal lives that you can imagine. Fortunately,
nothing worse has been reported. But a plane’s Wi-Fi or entertainment sys-
tem could be hacked to enable tampering with satellite communications and
interfering with navigation and control. A tech-savvy hijacker could change
your route — or worse — without worrying about getting through airport se-
curity to board the plane. While airlines have robust cybersecurity systems in
place, and pilots can still take control away from autopilot, without cyberse-
curity vigilance, passengers could experience more than just a bumpy flight.
what is cybersecurity?
In September of 2022, employees at Uber received this Slack message: “I announce I am
a hacker and Uber has suffered a data breach.” The hacker gained access by pretending
to be from Uber’s tech department and persuading one unfortunate employee to give
up their password. (This technique, called social engineering, was used in similar attacks
at Twitter and Microsoft.) It was not the first time that cyber criminals had stolen data
from Uber. In 2016, hackers stole information from 57 million driver and rider accounts
and demanded $100,000 to delete their copy of the data. Uber arranged the payment
but kept the breach a secret for more than a year. When the theft came to light, the CEO
was fired. Here’s hoping that transparency works better for Uber this time.
Watching Our Ride
Guarding Against
Subway Scares
The New York City Metropolitan Transpor-
tation Authority discovered in 2021 that
its computer systems had been breached,
for the third time. The perpetrators,
believed to be backed by the Chinese gov-
ernment, didn’t demand ransom, nor did
they access systems that controlled train
cars (which would have put passengers
at risk). Nonetheless, the intrusion is a
cautionary tale for public transit systems
across the country. While 80 percent of
transportation agencies say they’re pre-
pared to manage cybersecurity threats,
only 60 percent of them have a plan in
place, according to a study last year by
the Mineta Transportation Institute.