Transportation


  • Cathay Pacific hack: Airline admits techies fought off cyber-siege for months

    November 12, 2018

    Fresh from belatedly admitting that 9.4 million passengers’ personal data was stolen by hackers, Hong Kong airline Cathay Pacific has now admitted that it was under attack for three solid months before it took half a year to tell anyone. In its initial public statement on the hack, which saw names, nationalities, dates of birth, addresses, ...

  • Cloud, cars and IoT could change grid cybersecurity

    November 6, 2018

    The proliferation of connected devices including electric cars could provide grid operators with an operational view of cybersecurity threats and change the way the grid is secured, said Karen Evans, assistant secretary of the Energy Department’s Office of Cybersecurity, Energy Security, and Emergency Response. While experts generally consider the internet of things to be a risky ...

  • Eurostar Resets All Customer Passwords After ‘Attempted’ Hack

    November 2, 2018

    The incident, which took place in mid-October, follows major breaches at several airlines — but this time around no payment details were affected Eurostar has reset all customers’ online passwords after detecting an “attempted” hack, the rail company confirmed. The incident follows major breaches at several airlines. Eurostar customers reported receiving emails from Eurostar earlier this week notifying ...

  • Cathay Pacific Data Breach Highlights A Need To Change Airline Security Focus

    October 25, 2018

    Cathay Pacific has been hit by a data breach affecting 9.4 million passengers of Cathay and Hong Kong Dragon Airlines, a serious exposure that shows—not for the first time—that the focus of airline security can’t be limited to airport terminals and aircraft cabins. First discovered in March, and confirmed in May of this year, the Cathay Pacific ...

  • Heathrow Fined £120,000 Over Lost USB Stick

    October 9, 2018

    The unencrypted stick, containing personal data on staff, was found by a member of the public before being handed in to a national newspaper Heathrow Airport said it has begun a company-wide data security training programme after the Information Commissioner’s Office (ICO) fined it £120,000 over an embarrassing data breach last year. The ICO said an unencrypted ...

  • Port of San Diego suffers cyber-attack, second port in a week after Barcelona

    September 27, 2018

    Two major international ports fell victim to cyber-attacks within the span of a week, putting the shipping industry on alert for a possible threat actor targeting the entire sector. The first to fall was the Port of Barcelona, Spain, on September 20, last week. The second attack was reported yesterday, September 25, by the Port of ...

  • Bristol Airport blames hackers for three day technical meltdown

    September 16, 2018

    A cyber attack was the cause behind a three day technical meltdown, according to Bristol Airport. The airport’s information screens were out of service on both Friday and Saturday, with holidaymakers having to read departure times off whiteboards scattered around the airport. An airport spokesman said several systems were taken offline on Friday in a bid to ...

  • OilRig APT Continues Its Ongoing Malware Evolution

    September 13, 2018

    The Iran-linked APT appears to be in a state of continuous tool development, analogous to the DevOps efforts seen in the legitimate software world. OilRig, an APT group believed to have ties to Iran, has been spotted in yet another campaign in the Middle East – this time targeting victims within an undisclosed government using an ...

  • British Airways breach caused by the same group that hit Ticketmaster

    September 11, 2018

    A cyber-criminal operation known as Magecart is believed to have been behind the recent card breach announced last week by British Airways. The operation has been active since 2015 when RisqIQ and ClearSky researchers spotted the malware for the first time. The group’s regular mode of operation involves hacking into online stores and hiding JavaScript code that steals payment card information entered ...

  • BA hacked: 380,000 card payments ‘compromised’ in breach

    September 7, 2018

    Shares of British Airways’ parent company IAG fell around 4% as markets opened on Friday morning, hours after the airline said the credit card information of at least 380,000 customers had been “compromised” in a data theft. More than £500m was wiped of the airline group’s market value as a result, before the share price rallied ...

  • Air Canada app data breach involves passport numbers

    August 29, 2018

    Air Canada’s app has suffered a data breach resulting in the suspected loss of thousands of its customers’ personal details. The airline has warned that users who had entered their passport details into the product may have had that data stolen. Experts warn that the theft of such information would pose a serious ID fraud risk. The firm ...

  • Ransomware Attack Cripples Cosco Shipping Network – Report

    July 26, 2018

    A shipping giant is likely to run up in millions of dollars of additional costs after a ransomware attack apparently crippled its US network. The attack was against COSCO (China Ocean Shipping Company), which is a Chinese owned shipping giant. It comes after its larger shipping rival Maersk admitted in August 2017 that its operations had been impacted by ...

  • Hotels, airlines and travel sites battle bot attacks

    June 27, 2018

    Hotels, airlines, cruises and travel sites are under siege from crooks using fake or stolen account details to try to access accounts. Hackers have been using stolen or leaked account details to attempt to log into accounts, using botnets to deliver attacks at industrial scale, according to research by Akamai. Read more… Source: ZDNet  

  • Maritime navigation hack has potential to wreak havoc in English channel

    June 8, 2018

    A researcher has warned that threat actors are able to compromise common maritime navigation systems to potentially cause chaos in the shipping industry. As reported by the BBC, security researcher Ken Munro from Pen Test Partners has discovered that a ship navigation system called the Electronic Chart Display (Ecdis) can be compromised, potentially to disasterous effect Read more… Source: ...

  • Hacking train Wi-Fi may expose passenger data and control systems

    May 11, 2018

    Vulnerabilities on the Wi-Fi networks of a number of rail operators could expose customers’ credit card information, according to research from Pen Test Partners. The research was conducted over several years, said Pen Test’s Ken Munro. “In most cases they are pretty secure, although whether the Wi-Fi works or not is another matter,” he added. Read more… Source: ...

  • Volkswagen Cars Open To Remote Hacking, Researchers Warn

    May 1, 2018

    Over the last few years, automakers like Ford, Jeep, Nissan and Toyota have all suffered car-hacking vulnerabilities in their vehicles. Now,  it looks like Volkswagen has been pulled into the mix after researchers discovered that in-vehicle infotainment (IVI) systems in certain Volkswagen-manufactured cars could be remotely hacked. Not only that, but it’s possible to pivot to more critical ...

  • Gold Galleon Hacking Group Plunders Shipping Industry

    April 18, 2018

    Researchers have identified the hacking group behind several widescale business email compromise (BEC) attacks gouging the maritime shipping industry millions of dollars since last year. Attackers are taking advantage of the industry’s lax security and the use of outdated computers, according to a report released here at the RSA Conference Wednesday. Researchers from the Dell SecureWorks Counter ...

  • Delta Confirms Breach Of Customer Payment Details

    April 5, 2018

    Hackers have had access to Delta customer payment data for over six months after third party breach US airline Delta Air Lines and American department store Sears Holding have both confirmed a data breach, after an incident involving a third party tech provider. Delta said that it was notified last week by 7.ai, a company that provides online chat ...

  • UK names Russia as source of NotPetya, USA follows suit

    February 15, 2018

    The United Kingdon’s Foreign and Commonwealth Office has formally “attributed the NotPetya cyber-attack to the Russian Government”, specifically the nation’s military. “The decision to publicly attribute this incident underlines the fact that the UK and its allies will not tolerate malicious cyber activity,” said a February-15th-dated statement from Foreign Office Minister for Cyber Security Lord (Tariq) Ahmad of ...

  • IT ‘heroes’ saved Maersk from NotPetya with ten-day reinstallation bliz

    January 25, 2018

    4,000 servers, 45,000 PCs and 2,500 apps all rebuilt, while other staff went manual It’s long been known that shipping giant Maersk suffered very badly from 2017’s NotPetya malware outbreak. Now the company’s chair has detailed just how many systems went down: basically all of them. Speaking on a panel at the World Economic Forum this week, Møller-Maersk ...