Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

mahatmakanejeeves

(61,661 posts)
Tue Jan 16, 2024, 05:42 PM Jan 2024

Transportation System Social Engineering Cyberattacks on the Rise

Hat tip, a mailing list I'm on

Government Technology Safety

Noël Fletcher | Staff Reporter
January 11, 2024 11:15 AM, EST

Social Engineering Cyberattacks on the Rise

Government Transportation Workers Targeted More Frequently



Cordell Schachter, chief information officer at USDOT, says the agency's click rate has fallen by 16%, largely due to increased awareness and phishing tests given to employees. (Noel Fletcher/Transport Topics)

[Stay on top of transportation news: Get TTNews in your inbox.]


WASHINGTON — More government transportation offices are experiencing social engineering cyberattacks by would-be intruders trying to psychologically manipulate employees and contractors into giving away confidential information.

Several speakers at the Transportation Research Board Annual Meeting on Jan. 8 disclosed recent examples of these sophisticated cyberattacks during a panel discussion called “Cyber Resilient Transportation: An Executive Look at the Data and Tools Necessary to Prepare the National Transportation System.”

The “all-too-human fallibilities and vulnerabilities” of the Port Authority of New York and New Jersey’s employees and contractors are being targeted for exploitation by cybercriminals, noted Josh DeFlorio, the port authority’s chief of resilience and sustainability.

“We’ve been subject to malware, ransomware attacks and distributed denial-of-service attacks, but increasingly, and perhaps most disturbingly, we’ve been the subject of significant social engineering attacks as well,” DeFlorio said. ... In social engineering attacks, cybercriminals use their social skills to try interacting with personnel in a targeted organization to obtain information or gain access into its computer systems.

{snip}
Latest Discussions»Issue Forums»Public Transportation and Smart Growth»Transportation System Soc...