Transportation Industry Remains a Target for Cyberattacks

technology background

The transportation industry is among those most at risk for a cyberattack, with cybersecurity data from the IBM X-Force Threat Intelligence Index showing that transportation moved from the No. 10 to the No. 2 most-attacked industry in 2018.

The 2019 Verizon Data Breach Investigations Report shows that among all cyberattacks:

  • 69% were perpetrated by outsiders
  • 34% involved internal actors
  • 2% involved partners
  • 39% of breaches were a result of organized criminal groups
  • 52% of breaches featured hacking
  • 33% included social attacks
  • 28% involved malware.

The Verizon report said ransomware attacks are still going strong, and account for nearly 24% of incidents where malware was used. The report added that ransomware remains a serious threat to all industries.

The Verizon report noted that click-through rates on phishing simulations for data partners fell from 24% to 3% during the past seven years. However, 18% of people who clicked on test phishing links did so on mobile devices. “Research shows mobile users are more susceptible to phishing, probably because of their user interfaces and other factors. This is also the case for email-based spear phishing and social media attacks,” the report said.

During a conference on fleet data management and cybersecurity strategies hosted by the American Trucking Association’s Technology & Maintenance Council earlier this year, cybersecurity experts, including those from the FBI, U.S. Department of Homeland Security and the Transportation Security Administration, outlined several steps those within the industry can take to protect themselves from cybersecurity breaches.

Anthony Lichiello, a cybersecurity expert for the FBI, said no one should pay a ransom if a ransomware attack occurs. “What the FBI would encourage you to do is have multiple stages of backup,” he said.

Steven Geraldo, a cyber analyst with the Department of Homeland Security, told attendees to call on DHS Cybersecurity and Infrastructure Security Agency experts if an issue occurs.

Penske has undertaken several measures to address security and has invested in multiple technologies to minimize the risk of a data breach. One technology features a robust email filtering process to get rid of spam and any malware content. The system uses behavioral-based detection methods to identify dangerous software.

To guarantee systems don’t go down and prevent any loss of data, Penske utilizes two data centers that back each other up continuously. Data replication is going on in both locations all day every day, and Penske performs regular drills, transitioning operations from one data center to another. That ensures the company could recover quickly if there were ever a weather event or fire that compromised one location.

Penske also regularly audits the security systems to gauge how easily they could be compromised. PCI- and CISSP-certified security experts, who are sometimes referred to as professional hackers, perform a penetration test of the systems to help IT staff identify and correct any concerns.

Penske also limits the sensitive data it stores, and the company avoids keeping credit card data on file. If sensitive information is needed, it is encrypted. This ensures Penske is protecting its customers’ payment information as well as customers’ tax info, maintenance records and licensing details.

To further improve security, only employees who need access to certain information have it, which minimizes risk. To prevent unauthorized users from accessing information, accounts are tied to Penske’s human resources system to ensure access is only given to appropriate employees. Quarterly audits on privileged system accounts and annual audits of all users on critical systems ensure data remains safe.

December 2019