Transportation


  • British Airways E-Ticketing Flaw Exposes Passenger Flight, Personal Data

    August 13, 2019

    A vulnerability in British Airways’ e-ticketing system could enable a bad actor to view passengers’ personal data or change their booking information. A security bug discovered in British Airways’ e-ticketing system has the potential to expose passengers’ data, including their flight booking details and personal information. Researchers on Tuesday said that check-in links being sent by British ...

  • Cyberattack warning to small plane owners: How your aircraft could be vulnerable

    July 30, 2019

    The alert from the DHS critical infrastructure computer emergency response team. warns that modern flight systems are vulnerable to hacking if a person manages to gain unrestricted access to an aircraft. The alert also recommends that small plane owners restrict unauthorized physical access to their aircraft the best they can. It warns that access should remain limited until ...

  • On the IoT road: perks, benefits and security of moving smartly

    July 22, 2019

    Kaspersky has repeatedly investigated security issues related to IoT technologies (for instance, here, or here). Earlier this year our experts have even gained foothold in the security of biomechanical prosthetic devices. The same implies to smart car security: our own research has indicated that there are number of issues—look here or here. This year, we decided to continue our tradition of small-scale experiments with security ...

  • London Underground to begin tracking passengers through Wi-Fi hotspots

    May 23, 2019

    Transport for London (TfL) is planning to roll out a system to track commuters making use of public Wi-Fi hotspots across the London Underground in coming months. The UK transport agency said on Wednesday that “secure, privacy-protected data collection will begin on 8 July 2019,” with improved customer services — including warnings over delays and station congestion — ...

  • Hackers reveal how to trick a Tesla into steering towards oncoming traffic

    April 2, 2019

    A team of hackers has managed to trick the Tesla Autopilot feature into dive-bombing into the wrong lane remotely through root control and a few stickers. Researchers from Tencent Keen Security Lab published a report this week (.PDF) on their findings, which shows how the Tesla Autopilot system engine control unit (ECU) can be abused through root security ...

  • London’s top attractions besieged by more than 100 million cyber attacks

    March 18, 2019

    Kew Gardens, National History Museum, Tate Gallery and Imperial War Museum have been hammered by a total of 109 million cyber attacks over the last few years according to Parliament Street. The research firm issued a Freedom of Information (FOI) request to the four leading tourist attractions in London to uncover just how secure their IT ...

  • Flaw in Multiple Airline Systems Exposes Passenger Data

    February 7, 2019

    Researchers have discovered that multiple airline e-ticketing systems do not encrypt check-in links. The security faux pas could allow bad actors on the same network as the victim to view – and in some cases even change – their flight booking details or boarding passes. Security researchers at Wandera said that eight airlines have been sending ...

  • Your New Car Is A Hacker Magnet — Automotive Industry Disconnect To Blame

    February 6, 2019

    The car that you drive today is a far cry from those of just a decade ago and in many ways is now an internet-connected computer on wheels. This push towards connectivity and smart-motoring has seen the automotive manufacturing industry shift towards becoming as much about software as they are transportation. And that means it ...

  • Electric Vehicle Charging Stations Open to IoT Attacks

    December 14, 2018

    Flaws could allow an attacker to stop or start a home charging station, or even change the current in order to start a fire. Given that creating proof-of-concept (PoC) cyberattacks for the Internet of Things (IoT) is essentially like shooting fish in a barrel these days, perhaps it’s not exactly surprising that a new niche category ...

  • Ships infected with ransomware, USB malware, worms

    December 12, 2018

    Ships suffer from the same types of cyber-security issues as other IT systems, a recent document released by the international shipping industry reveals. The document is the third edition of the “Guidelines on Cyber Security onboard Ships,” an industry-approved guide put together by a conglomerate of 21 international shipping associations and industry groups. While the document contains ...

  • Cathay Pacific hack: Airline admits techies fought off cyber-siege for months

    November 12, 2018

    Fresh from belatedly admitting that 9.4 million passengers’ personal data was stolen by hackers, Hong Kong airline Cathay Pacific has now admitted that it was under attack for three solid months before it took half a year to tell anyone. In its initial public statement on the hack, which saw names, nationalities, dates of birth, addresses, ...

  • Cloud, cars and IoT could change grid cybersecurity

    November 6, 2018

    The proliferation of connected devices including electric cars could provide grid operators with an operational view of cybersecurity threats and change the way the grid is secured, said Karen Evans, assistant secretary of the Energy Department’s Office of Cybersecurity, Energy Security, and Emergency Response. While experts generally consider the internet of things to be a risky ...

  • Eurostar Resets All Customer Passwords After ‘Attempted’ Hack

    November 2, 2018

    The incident, which took place in mid-October, follows major breaches at several airlines — but this time around no payment details were affected Eurostar has reset all customers’ online passwords after detecting an “attempted” hack, the rail company confirmed. The incident follows major breaches at several airlines. Eurostar customers reported receiving emails from Eurostar earlier this week notifying ...

  • Cathay Pacific Data Breach Highlights A Need To Change Airline Security Focus

    October 25, 2018

    Cathay Pacific has been hit by a data breach affecting 9.4 million passengers of Cathay and Hong Kong Dragon Airlines, a serious exposure that shows—not for the first time—that the focus of airline security can’t be limited to airport terminals and aircraft cabins. First discovered in March, and confirmed in May of this year, the Cathay Pacific ...

  • Heathrow Fined £120,000 Over Lost USB Stick

    October 9, 2018

    The unencrypted stick, containing personal data on staff, was found by a member of the public before being handed in to a national newspaper Heathrow Airport said it has begun a company-wide data security training programme after the Information Commissioner’s Office (ICO) fined it £120,000 over an embarrassing data breach last year. The ICO said an unencrypted ...

  • Port of San Diego suffers cyber-attack, second port in a week after Barcelona

    September 27, 2018

    Two major international ports fell victim to cyber-attacks within the span of a week, putting the shipping industry on alert for a possible threat actor targeting the entire sector. The first to fall was the Port of Barcelona, Spain, on September 20, last week. The second attack was reported yesterday, September 25, by the Port of ...

  • Bristol Airport blames hackers for three day technical meltdown

    September 16, 2018

    A cyber attack was the cause behind a three day technical meltdown, according to Bristol Airport. The airport’s information screens were out of service on both Friday and Saturday, with holidaymakers having to read departure times off whiteboards scattered around the airport. An airport spokesman said several systems were taken offline on Friday in a bid to ...

  • OilRig APT Continues Its Ongoing Malware Evolution

    September 13, 2018

    The Iran-linked APT appears to be in a state of continuous tool development, analogous to the DevOps efforts seen in the legitimate software world. OilRig, an APT group believed to have ties to Iran, has been spotted in yet another campaign in the Middle East – this time targeting victims within an undisclosed government using an ...

  • British Airways breach caused by the same group that hit Ticketmaster

    September 11, 2018

    A cyber-criminal operation known as Magecart is believed to have been behind the recent card breach announced last week by British Airways. The operation has been active since 2015 when RisqIQ and ClearSky researchers spotted the malware for the first time. The group’s regular mode of operation involves hacking into online stores and hiding JavaScript code that steals payment card information entered ...

  • BA hacked: 380,000 card payments ‘compromised’ in breach

    September 7, 2018

    Shares of British Airways’ parent company IAG fell around 4% as markets opened on Friday morning, hours after the airline said the credit card information of at least 380,000 customers had been “compromised” in a data theft. More than £500m was wiped of the airline group’s market value as a result, before the share price rallied ...