If the telecommunications sector is the central nervous system of the global economy, then the transportation sector is its circulatory system. Each day, transportation operators move millions of passengers and tons of freight by air, rail, road, and sea. The sheer scale, scope, and critical nature of transportation services exposes operators to a variety of cyber and physical risks, many of which are exacerbated due to the following conditions:
Increasing Reliance on Emerging Technologies
Embracing new technologies is key to remaining efficient and competitive in the transportation sector. Electronic tracking ensures reliable fulfillment of logistics services, and aviation companies are expected to leverage state-of-the-art navigation and communications systems. Automation is also gaining major traction among transportation operators, with rail systems in particular growing increasingly dependent on automated train control (ATC) systems. Meanwhile, the development of driverless trucks has the potential to transform the freight industry.
Ongoing innovation will inevitably help transportation companies become more cost-effective and reliable, yet it can give rise to certain risks. The hasty implementation of third-party technology solutions, for example, has been known to make organizations across all sectors more vulnerable as they cede a certain degree of control to the supply chain. As such, transportation companies’ growing reliance on third-party technologies presents an alluring opportunity for threat actors to cause a disruption by interrupting physical transportation networks. For example, in June 2017, the global Petya ransomware attack, which began with the interdiction of a software supplier in Ukraine, cost a leading container shipping operator $300 million in lost revenue.
Transportation companies are inevitably affected by volatility in the geopolitical climate. For example, after the passing of the 2016 Brexit referenda, the International Air Transport Association estimated that air passenger travel to the U.K. would decline by 3 percent to 5 percent by 2020. Moreover, transportation companies can be attractive targets for politically or ideologically motivated actors who wish to cause a disruption, cut off access to key resources, or instill fear in the general public. Disruptions to air traffic control, border crossings, freight movements, port systems, and other critical targets can have a domino effect that leads to widespread congestion and delays.
Without a nuanced understanding of the geopolitical threat landscape, it is difficult for transportation companies to effectively allocate cyber and physical security resources. Threat actor capabilities and targeting patterns vary by region, so what works for a transportation company in one region in which they operate may not work in other regions.
The decentralized nature of transportation companies’ operations can make endpoint security a challenge. Larger transportation companies often have tens of thousands of employees operating services between hundreds of passenger or freight facilities. With so many end users and devices connected to company networks, it can be especially challenging to enforce acceptable use policies, monitor for cyber and physical vulnerabilities, and identify endpoint security threats proactively.
In one recent incident, more than 3,000 employees of a major airline had their accounts compromised through a successful credential stuffing attack, exposing sensitive personal data and valuable corporate information. In another instance, a hacker leaked more than 10,000 customer records for another major airline. With the expected proliferation of automated or “self-driving” vehicles, endpoint security will come to play an even more crucial role in ensuring physical security as well. Regardless of whether the threat is cyber or physical, gaining enhanced visibility into adversaries’ evolving tactics, techniques, and procedures can help transportation companies proactively address and mitigate endpoint security threats more efficiently and effectively.
The rise of BRI is a strategic opportunity for transportation companies to gain a competitive edge by leveraging insights gleaned from the Deep & Dark Web to make smart business decisions and gain an advantage over adversaries. Indeed, the U.S. Department of Homeland Security advises transportation companies to adopt a unified and efficient approach to evaluating cyber threats, vulnerabilities, and contingency factors. Transportation companies need to maintain continuous awareness of the various risks they face, and enhance their intelligence capabilities through information sharing and other best practices. Flashpoint’s first-class team of analysts and subject-matter experts augment transportation companies’ intelligence capabilities to achieve these objectives and gain a decision advantage over adversaries.
To learn more about how transportation companies are leveraging BRI, download our Business Risk Intelligence (BRI) for the Transportation Industry use cases.