In the U.S., the transportation sector is defined to include a number of subsectors such as aviation, highway infrastructure, maritime transportation, mass transit and passenger rail, pipeline systems, freight rail, and postal and shipping. This is an extensive network of transportation systems that span the globe, offering attackers a multitude of targets in numerous geographies.

According to the 2015 version of the “Transportation Systems Sector-Specific Plan,” the transportation sector is increasingly vulnerable to cyberthreats as a result of “the growing reliance on cyber-based control, navigation, tracking, positioning and communications systems, as well as the ease with which malicious actors can exploit cyber systems serving transportation.”

Why Attack the Transportation Industry?

IBM’s “Know Your Cyber Enemy” report highlighted a variety of motives behind these attacks but stated quite clearly that “direct financial gain is the aim of profit-motivated attacks and the driver behind the most active areas of cybercrime.” This is evident in the types of security incidents disclosed in the last few years across the transportation industry, many of which involved stolen personally identifiable information (PII) and credit card data.

For example, in 2014, the Chinese national train reservation system was the target of attackers who stole customers’ personal data. Last year, sensitive passenger data including travel manifests was stolen from a major U.S. airline, Bloomberg reported. Frequent flier accounts of several airlines were also targeted in recent years. Attackers likely leveraged stolen logins, obtained through other data leaks and password reuse, to steal miles from these accounts, which could then be used or converted into gift cards or other tangible goods.

Addressing the Challenges

Scaling security with the growing demands on transportation’s infrastructure and systems is challenging. Adding to this challenge is the trend towards privatization: Each individual owner or operator is responsible for identifying critical cyber infrastructure and applying remediation. Vulnerable systems could include navigation equipment, air traffic control and tracking and communication systems.

However, patch management policies may vary widely from one organization to the next. Security and risk professionals will have to identify the weak points in their organizations and then apply the most effective remediation and mitigation practices. As daunting as these security challenges may seem, transportation organizations willing to invest in cybersecurity can be in a strong position to prevent attacks.

For more information, read the IBM report “Security Trends in the Transportation Industry,” which provides insights regarding the types of cyberattacks targeting the transportation sector as well as recommendations on how it can address these security challenges.

IT security risks to transportation: Defending a critical infrastructure segment

More from Intelligence & Analytics

New report shows ongoing gender pay gap in cybersecurity

3 min read - The gender gap in cybersecurity isn’t a new issue. The lack of women in cybersecurity and IT has been making headlines for years — even decades. While progress has been made, there is still significant work to do, especially regarding salary.The recent  ISC2 Cybersecurity Workforce Study highlighted numerous cybersecurity issues regarding women in the field. In fact, only 17% of the 14,865 respondents to the survey were women.Pay gap between men and womenOne of the most concerning disparities revealed by…

Protecting your data and environment from unknown external risks

3 min read - Cybersecurity professionals always keep their eye out for trends and patterns to stay one step ahead of cyber criminals. The IBM X-Force does the same when working with customers. Over the past few years, clients have often asked the team about threats outside their internal environment, such as data leakage, brand impersonation, stolen credentials and phishing sites. To help customers overcome these often unknown and unexpected risks that are often outside of their control, the team created Cyber Exposure Insights…

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today