Transportation (Includes Logistics, Shipping, Maritime, Rail, Trucking)

Industry

Illegal App Renders 80% of Bicycles Out of Use in Bologna, Italy

June 30, 2024

A pirated app caused the bike-sharing service in Bologna to crash putting most of the bikes out of service. The illegal platform compromised the functioning of the bike sharing service, rendering 80% of the available bikes unusable.

The application in question was available online and allowed users to bypass the security systems of the bike sharing service, unlocking bicycles without the need for a regular subscription or payments. This breach created a significant disservice for the many users who rely on bike sharing for their daily travel around the city.

read more

Multiple Data Breaches at Maritime Industry Authority (MARINA)

June 16, 2024

MANILA, Philippines – The Maritime Industry Authority (MARINA) confirmed that a cyberattack compromised at least four of its systems, becoming the latest victim in a growing list of government agencies that have recently faced data breaches.

The attack, which happened on Sunday, June 16, hit four of MARINA’s “web-based systems.” MARINA’s systems manage various types of information, including vessel registrations, seafarers’ information documents, and record books. MARINA said that it aimed to bring systems back online “to receive and process applications on Tuesday, June 18, 2024.”

On July 4, MARINA assured stakeholders its newly launched, blockchain-enabled online certification system has been made more secure. It now employs a two-factor authentication during log-in. Only MARINA clients are allowed to register and use the program.

read more

Threat Actor targets Russia’s Aviation Sector.

June 7, 2024

A threat actor known as “Sticky Werewolf” is using layered infection chains to compromise organizations involved with Russia’s aviation industry. The group has been around since at least April 2023, and seems to be interested in espionage relating to the conflict between Russia and Ukraine.

The group was targeting public organizations in Russia and Belarus, but recent targets have included a pharmaceutical company and a Russian research institute involved in microbiology and vaccine development. In prior campaigns, Sticky Werewolf phishing emails included links to download malicious files. Now, its infections are notably more complex. The final payload will be some sort of commercial remote access Trojan (RAT).

read more

Multiple Day Outage at Oahu Transit Services.

June 15, 2024

Oahu’s bus and transportation services have been suffering from a network outage that may be a ransomware attack originating in Malaysia -Dragonforce is the alleged hacker group . “Oahu Transit Services’ (OTS) online services including the www.thebus.org website, HEA, and related real-time transit and GPS apps are currently unavailable,” the statement said.

read more

Massive Data Leak after Cyberattack at Kenya Airways

December 30, 2023

Kenya Airways appears to have been hit by a cyberattack by Ransomexx ransomware group on December 30, 2023 leading to a massive data leak including highly sensitive and confidential data that they uploaded on the dark internet.

The airline now suffers the aftermath of a targeted cyberattack that has exposed sensitive information. Exposed documents encompass a wide array of highly sensitive information, from aircraft accidents and investigations into employee misconduct to confidential agreements, insurance policies, passwords, and customer complaints.Documents leaked cover aircraft accidents, investigation reports into employee misconduct like fraud, theft, policy violations.

read more

Phishing Attack Hits South African Railways

February 2, 2024

South Africa’s railway agency, PRASA, recently disclosed a significant loss of $1.6 million due to a phishing scam in its annual report. Despite efforts to recover the stolen funds, just over half has been successfully retrieved, leaving the investigation ongoing. While details of the attack remain undisclosed, security experts suspect insider involvement, underscoring the importance of addressing insider threats within organizations.

read more

Hacktivists Claim DDoS Attacks on stateowned airline FlyDubai

February 5, 2024

United Arab Emirates’ government-owned airline Flydubai was claimed to be subjected to several distributed denial-of-service attacks by the self-proclaimed hacktivist operation Anonymous Sudan.

FlyDubai has yet to respond to the claimed compromise by Anonymous Sudan.

read more

SAS Scandinavian Airlines’ App Compromised by a Cyberattack

February 14, 2024

SAS Scandinavian Airlines was hit by a cyber attack on February 14th, compromising its app. The airline was said to be working on a solution, with reports saying that the problem was fixed to a large extent. Still, SAS warned that the attack may have targeted customer data following the breach.

read more

DDoS Attack Disrupts Copenhagen Airport

February 25, 2024

The Copenhagen airport experienced a significant cyberattack on a Sunday, causing widespread chaos as Denmark’s largest airport grappled with the aftermath. Identified as a denial of service (DoS) attack, the attack targeted the airport’s digital infrastructure, rendering its official website inoperative and leaving passengers and officials struggling for alternatives.

Airport authorities redirected passengers to a smartphone app for flight updates, highlighting the vulnerability of critical systems and the disruptive potential of cyber threats.

read more

German Railway Company Transdev Website Access Restricted

January 8, 2024

An online attack on the railway company Transdev has temporarily led to restrictions on the websites of the Nordwestbahn and the Rhein-Ruhr-Bahn on Monday and Tuesday.

The attackers had directed a spam wave at forms on the Nordwestbahn page on Monday morning, Transdev announced on Tuesday on request. The measures undertaken were gradually reduced the next day. “The Rhein-Ruhr-Bahn, the website is accessible again without problems. Only on the Nordwestbahn website, increased protective measures are currently still ongoing, which are still being readjusted,” it was said.

read more