Navigating the Digital Highway: Cyber Risks in Holiday Travel Transportation

Background

Cybercriminals exploit weekends and holidays when organizations are understaffed, often targeting weakened human defenses with ransomware attacks. The evasive nature of such attacks allows perpetrators to maximize damage and data theft, taking advantage of rushed security responses. With staffing levels below 33% during holidays and weekends, cybercriminals find increased success and are encouraged to be more aggressive, fueling the expansion of criminal enterprises.

Introduction

In the context of holiday travel, transportation is crucial for individuals and families to reach their destinations. However, the growing reliance on digital systems in the transportation sector raises concerns about cyber risks during holiday travel. These risks can affect various modes of transportation, including airlines, trains, buses, and rental cars, potentially leading to travel disruptions and security threats.

Airlines: The aviation industry is witnessing a surge in cyberattacks. Incidents targeting key players like London City Airport and Birmingham Airport have caused disruptions. Ransomware attacks on supply chain entities have spiked by 600% compared to the previous year, posing threats to sensitive data and operational disruptions. The aviation sector’s intricate ecosystem, involving numerous service providers, makes it susceptible to cascading impacts from cyberattacks at any point in the supply chain. Major carriers like British Airways, American Airlines, and Southwest Airlines have faced data breaches, including the compromise of payroll and applicant information. Despite technological advancements enhancing aviation safety, outdated operational technology systems, such as those used by the FAA in the United States, remain vulnerable to cyber threats, presenting a significant challenge to the sector’s cybersecurity.

Railroad: Alaska Railroad Corporation (ARRC) fell victim to a cyberattack, compromising sensitive information about vendors and employees. The unauthorized access to ARRC’s internal network systems reportedly occurred on December 25, 2022. The stolen data includes personal details such as names, dates of birth, social security numbers, driver’s license numbers, employer tax identification numbers, and banking information. Additionally, highly sensitive information like medical records, health insurance details, drug screening results, work evaluations, and birth or marriage certificates were also breached.

The incident came to light on March 18, 2023, with the company promptly taking action to identify and contain the intrusion. The delayed public notice is attributed to an ongoing law enforcement investigation. The Office of the Maine Attorney General reports that 7,413 individuals were affected by the hack. ARRC is offering affected individuals free credit monitoring and identity theft protection services while collaborating with law enforcement and forensic investigators to thoroughly review the compromised records. Further updates are expected as the investigation progresses.

Buses: The rising demand for efficient public transit has led to the integration of innovative technologies by transit agencies, especially during the pandemic. The implementation of contactless, mobile-based fare collection systems has contributed to the rebound of ridership, reaching over 70% of pre-pandemic levels in September 2022. However, the rapid adoption of technology in transit systems poses cybersecurity challenges, with a 186% increase in weekly ransomware attacks on transit systems since June 2020.

Recent cyberattacks on transit systems, such as the Washington Metropolitan Area Transit Authority (WMATA) breach, underscore the vulnerabilities in transit cybersecurity. The WMATA incident revealed security issues stemming from increased reliance on technology, emphasizing the need for robust cybersecurity measures. The U.S. Department of Transportation also reported a data breach affecting employee transportation benefits, exposing personal information of 237,000 individuals.

Rental Cars: The flourishing sharing economy, driven by technological advancements, has made services like app-powered car rentals easily accessible. However, recent data breaches, such as the incident in Taiwan, where thousands of customer data were exposed, highlight the risks associated with sharing personal information for the convenience of such services.

App-based car rental services require users to provide sensitive information like ID and credit card numbers, driver’s license copies, and e-signatures. Unfortunately, this makes individuals vulnerable to data breaches, theft, and potential fraud, especially when there is operational negligence or security gaps.

Stolen personally identifiable information (PII) serves as a gateway for identity theft and fraud.

Cybercriminals can exploit stolen PII to open bank accounts, withdraw cash, apply for credit cards, or loans, resulting in financial losses and damage to victims’ credit ratings. Data breaches in the automotive industry are not uncommon, with notable companies experiencing incidents, including Toyota, Ford, NIO, Volkswagen, and General Motors.

Risks

Holiday travel often involves a series of transportation methods, from booking flights and accommodations to renting cars and using public transit. As the transportation industry becomes increasingly interconnected through digital systems and automation, it also becomes susceptible to cyber risks.

Flight Systems Vulnerabilities: Airlines heavily rely on computer systems for ticketing, reservations, and flight control. Cyber threats that target these systems can lead to flight delays, cancellations, or even security breaches. While travelers can’t control airline cybersecurity, they can stay updated on flight statuses through official airline apps or websites and maintain essential travel documents in both digital and physical formats.

Public Transit and Train Systems: Many holiday travelers use public transit or trains to navigate cities or reach their destinations. These systems often rely on digital infrastructure and cyberattacks can disrupt services. Travelers should be prepared for potential delays, keep their tickets and travel documents secure, and have alternative transportation options in mind.

Car Rental and Keyless Entry: Modern rental cars often come equipped with keyless entry and ignition systems, which are vulnerable to hacking. Cybercriminals can exploit these systems to gain unauthorized access to rental vehicles. To mitigate this risk, travelers should double-check the security of their rental vehicles, use steering wheel locks, and never leave valuables in the car.

Transportation Apps and Online Booking: Many travelers use transportation apps for ride-sharing, booking services, and navigation. These apps can be targeted by cybercriminals, potentially leading to fraudulent charges or compromised personal information. To protect themselves, travelers should only download apps from trusted sources, keep them updated, and regularly review their transaction history.

Credit Card and Payment Security: When booking transportation services, travelers often provide payment information online. Cyberattacks on booking websites can lead to data breaches. To minimize risks, travelers should use reputable booking platforms, monitor their credit card statements for unauthorized transactions, and enable two-factor authentication when available.

Mitigation Strategies

Secure Devices and Connections: Ensure that all devices, including smartphones, laptops, and tablets, are updated with the latest security patches and antivirus software. Use secure and encrypted Wi-Fi connections, such as virtual private networks (VPNs), to protect data transmitted over public networks.

Multi-Factor Authentication (MFA): Enable MFA for all accounts, including email, banking, and travel-related apps. MFA adds an extra layer of security by requiring additional verification beyond passwords, making it more difficult for unauthorized users to gain access.

Use Trusted Networks: Avoid using public computers or unsecured Wi-Fi networks for sensitive transactions. If necessary, use personal hotspots or trusted networks, especially when accessing financial or confidential information.

Beware of Phishing Scams: Exercise caution when clicking on links or downloading attachments, especially in emails or messages related to travel arrangements, discounts, or promotions. Verify the legitimacy of communications directly with the service provider through official channels.

Secure Payment Transactions: Use secure and reputable payment methods when making online transactions. Avoid using public computers for financial transactions, and regularly monitor bank and credit card statements for any unauthorized activity.

Data Backups: Back up important data, documents, and travel itineraries before embarking on the journey. In case of device loss, theft, or damage, having backups ensures that crucial information is not lost.

Privacy Settings: Review and adjust privacy settings on social media accounts. Avoid sharing detailed travel plans or personal information publicly, as this information could be exploited by cybercriminals.

Update Travel Apps: Ensure that travel-related apps, such as airline, hotel, and navigation apps, are updated to their latest versions. App updates often include security patches and enhancements.

Password Management: Use strong, unique passwords for each online account and consider using a password manager to securely store and manage login credentials. Change passwords regularly, especially before and after travel.

Conclusion

Holiday travel relies on transportation services, which are increasingly digitized and interconnected. As a result, there are notable cyber risks associated with these modes of travel, from flight systems vulnerabilities to public transit disruptions and car rental security issues. While travelers may not have direct control over the cybersecurity of transportation providers, they can take proactive measures to protect themselves. This includes staying informed about their flight status, keeping travel documents secure, using additional security measures for rental cars, being cautious with transportation apps, and monitoring their payment transactions. By being vigilant and prepared, travelers can reduce their exposure to cyber risks and enjoy a safer and more enjoyable holiday travel experience.

CRITICALSTART® offers a pioneering solution to modern organizational challenges in aligning cyber protection with risk appetite through its Cyber Operations Risk & Response™ platform, award-winning Managed Detection and Response (MDR) services, and a dedicated human-led risk and security team. By providing continuous monitoring, mitigation, maturity assessments, and comprehensive threat intelligence research, they enable businesses to proactively protect critical assets with measurable ROI. Critical Start’s comprehensive approach allows organizations to achieve the highest level of cyber risk reduction for every dollar invested, aligning with their desired levels of risk tolerance. 