Data Breaches Hit Transportation Sector

Posted by
Jun 11, 2021
Reviewed by
Jan 16, 2024
min. read
Table of Contents

A growing number of sectors have experienced cyberattacks in 2021. The companies and organizations that suffered them have been diverse, including recent attacks on a meat producer and an oil pipeline. What is alarming here is these represent the nation’s critical infrastructure.

It is easy to take critical infrastructure for granted when it’s a mundane, routine part of life, such as purchasing groceries or filling up at a gas station. A disruption to any part of critical infrastructure could be a headache—or a nightmare scenario. Transportation is classified as such an asset to society.

In the spring of 2021, two transportation organizations on the East Coast were hit with cyberattacks. In April, New York’s Metropolitan Transportation Authority was hit, and in June Massachusetts’ Steamship Authority became a victim.

Critical Infrastructure

New York brings to mind a multitude of unique associations with its name, from its skyline and landmarks to its cuisine and culture. Among the associations with it is the city’s sprawling and extensive subway network, which has by far the highest ridership in the United States. A damaging interference with the system could be disastrous for New York.

Farther to the east on this Eastern Seaboard archipelago, two Massachusetts islands to the south of Cape Cod are frequently visited via ferry. The islands of Martha’s Vineyard and Nantucket are popular getaways for summer travelers. Transit by ferry is the most popular means for visitors to reach these two islands.

In both cases, transporting people means keeping the local economies going. In New York the subway system gets people to and from work and day-to-day activities. In Massachusetts, the ferries provide economic lifeblood to Martha’s Vineyard and Nantucket. In both cases, affecting transportation can have devastating consequences.

Systems Affected

The New York MTA breach managed to avoid disaster, though officials admitted the cyberattack could have been much worse. MTA uses 18 computer systems, three of which were compromised in this attack. Officials said they did not believe that either employee or customer information had been breached. Importantly, hackers did not access systems that control train cars. Fortunately, this means that rider safety was not affected during the attack.

The Steamship Authority in Massachusetts was more deeply impacted following the separate ransomware attack against it. While the attack did not stop passenger service between the mainland and two islands, nor did it affect radar or GPS, the provider’s systems were adversely affected. Nearly a week after the attack, the Steamship Authority’s booking system remained affected, as passengers could not go online or call in to book or change reservations. Instead, they could check an alternative website for schedules and purchase tickets from a terminal.

Both transportation organizations suffered this latest round of breaches, mostly affecting their computer systems. It is frightening to think that a hacker could breach a provider that could jeopardize public safety, going beyond the typical nuisances of data breaches.

Data Security System for Transportation

Transportation and mobility have been key to human civilization since the dawn of time, and protecting it has always been vital. Thieves have always seen vulnerabilities in these networks, from bandits and highwaymen who robbed trade routes and travelers, to pirates attacking merchant ships and treasure fleets, to a growing number of cyberattacks on transit systems in the 21st century.

As has always been the case, transportation requires protection, and in today’s world it is essential that providers update their security methods. Modern transportation requires logistics and expansive computer systems to function, but these systems can make transportation susceptible to cyberattacks.

SecureDrive external portable drives and SecureUSB flash drives are hardware encrypted drives that require passwords and user authentication to unlock. These two families feature the KP and BT lines, the latter of which works with Remote Management to allow greater restrictions and controls on when and where drives can be used. All drives work with SecureGuard, which limits USB port access on computers across the organization by blacklisting or whitelisting drives, providing a detailed report of USB devices used or attempted on computers, and more.

Data Security

Discover our secure data Solutions

Data Recovery Services

From single external hard drives, SSD’s, mobile devices to enterprise NAS, SAN, and RAID failures, we are ready to help recover from digital disasters, anywhere.

Request Help
Philip Bader

After more than a decade in Southeast Asia as a reporter and editor for magazines, newspapers, and online media organizations, Philip Bader now serves as a freelance content writer for Secure Data Recovery Services. He writes blogs and web content about data storage technology, trends in enterprise data recovery, and emerging data storage technology.

© 2024 SecureData Corporation or its affiliates. All rights reserved.