Guarding Against
Subway Scares
The New York City Metropolitan Transportation Authority discovered earlier this year that its com- puter systems had been breached. The perpetrators, believed to be backed by the Chinese government, didn’t demand ransom, nor did they access systems that controlled train cars (which would have put passengers at risk). Nonetheless, the intrusion is a cautionary tale for public transit systems across the country. While 80 percent of transportation agen- cies say they’re prepared to manage cybersecurity threats, only 60 percent of them have a plan in place, according to a study last year by the Mineta Trans- portation Institute.
Going Airborne
Hackers are targeting airlines as never before: Attacks increased 15,000 percent between 2017 and 2019. (Yes, 15,000 percent!) So far, hackers have primarily caused computer outages with distributed denial of service (DDoS) attacks. By disrupting internet connections, hackers cause terrible delays, with all
the impact on business and
personal lives that you can
imagine. Fortunately, noth-
ing worse has been reported.
But a plane’s Wi-Fi or enter-
tainment system could be
hacked to enable tampering
with satellite communica-
tions and interfering with
navigation and control. A
tech-savvy hijacker could
change your route—or worse—without worrying about getting through airport security to board the plane. While airlines have robust cybersecurity systems in place, and pilots can still take control away from autopilot, without cybersecurity vigilance, passengers could experience more than just a bumpy flight.
U.S. CYBERSECURITY JOB OPENINGS
769,736
 Protecting Our Ride
In September of 2022, employees at Uber received this Slack message: “I announce I am a hacker and Uber has suffered a data breach.” The hacker gained access by pretending to be from Uber's tech department and persuading one unfortunate employee to give up their password. (This technique, called social engineering, was used in similar attacks at Twitter and Microsoft.) It was not the first time cyber criminals had stolen data from Uber. In 2016, hackers stole information from 57 million driver and rider accounts and demanded $100,000 to delete their copy of the data. Uber arranged the payment but kept the breach a secret for more than a year. When the theft came to light, the CEO was fired. Here's hoping that transparency works better for Uber this time.
   TOP PHOTO BY ONO KOSUKI FROM PEXELS; ISTOCKPHOTO.COM (2) START-ENGINEERING.COM 7