Cyber-Attack on the Nottingham City Transport System

cioreviewindia Team | Thursday, 29 July 2021, 11:07 IST

Cyber-Attack on the Nottingham City Transport System Two days ago, the NCT (Nottingham City Transport) IT system was attacked. Fortunately, the IT staff had been informed immediately, and they arrived at the site and shut down the system to minimize the losses. Accordingly, no personal information had been stolen or leaked.

Cyber-attacks on transportation systems are not a new or uncommon thing.

Cyber-Attacks on Transportation Systems

67% of transportation agencies do not have cyber crisis protection plans. This resulted and continues to result in constantly being at risk of losing their operational data, financial and employment information, and passenger data. (Source)

A very well-known cyber-attack on a transportation agency is the 2017 cyber-attack on the Sacramento Regional Transit (SaRT). The cyber-attack brought the system to its knees by encrypting and stealing its data.

The Colorado Department of Transportation was attacked in 2018 by the SamSam ransomware virus. The virus affected nearly 2,000 computers, networks, and servers. The state had refused to pay the ransom and instead had to spend $1.5 million to fix the damage that had been done. This attack had taught them a lesson in cybersecurity.

A recent attack in August 2020 took down the real-time bus and rail information of the Southern Pennsylvania Transportation Authority for two full weeks.After the SaRT ransomware attack, it was found out that hackers are able to control the vehicles and brakes.

And the list goes on.

Improving Cybersecurity

A study conducted by the Mineta Transportation Institute concluded that “Just over 80% of agencies that responded to the digital survey believe they are prepared to manage and defend against cybersecurity threats, and yet only 60% have a cybersecurity program in place.”

In order to improve their cybersecurity plans, agencies need to improve their security protocols. One of the most important things is having a strong, reliable network infrastructure.

Companies also need to add another layer of security by using antivirus software. An antivirus will protect the network and the devices from any intrusion in the form of a virus, worm, or malware. In addition, it will develop a firewall with an intrusion detection system to do regular scans and protect the system from any threat.

Check the list of the top Antivirus software of 2021, ranked and rated.

Since many cyber-attacks happen through phishing, companies need to teach their employees, from all departments, all about phishing. Usually, attackers would send emails with misleading links that have malicious software embedded in them. By clicking on these links, attackers gain access to sensitive data and often encrypt it to ask for a ransom. So before anything, employees need to be aware of these hacking givens.

The past year and a half witnessed a rise in cybercrime. As a result, everyone -from companies to agenecies and even individuals- needs to take all possible precautions not to end up being the next victim of a cyber-attack.