It is a fact that Internet communications are ever more present in our entertainment, work and social interactions. As a result, the telecommunications industry is a continuously changing and growing sector where huge resources are devoted to research and development to create increasingly advanced and efficient solutions.

However, not all users use networks for lawful purposes. Those that engage is this kind of activity are known as “hackers”, and the fallout of cyberattacks can have serious financial, operational and reputational impacts on businesses. It is now, therefore, imperative that companies adopt suitable security measures to safeguard against cyberattacks.

Cyberattacks on public transport

In June 2022, a cyberattack perpetrated against a public transport company was to have serious consequences. Indeed, systems and applications essential for the service were rendered inoperative. Among the affected services were the GPS system, which records routes, where tampering led to long transportation delays, and ticketing services, which made it impossible to pay by card on the entire bus fleet affected by the cyberattack. It is estimated that the attack produced a fall in turnover of more than 35% for the public transport operator during the peak use period.

Description of onboard services prone to cyberattack

As seen in the case of the transport operator, and just like with any other connected electronic system, buses are vulnerable to cyberattacks. These attacks can have serious consequences in terms of security, privacy and service continuity. Here we will take a closer look at the systems of the most vulnerable onboard services or those that have the worst consequences after suffering a cyberattack:

• Bus control systems: which can be compromised by outside attackers and used to alter the bus’s speed, steering or safety systems (mainly in Smart-Cars).
• Infotainment: entertainment systems providing passengers with a combination of onboard information and entertainment can be hacked and used to transmit unwanted information or spread malware.
• Monitoring systems: security cameras and GPS tracking systems and sensors, which can be compromised and used to collect sensitive information or monitor onboard activity.
• Pay information systems: payment terminals, ticketing systems and mobile applications, which can be hacked and used to steal credit card information or commit fraud.

It is important to note that cyberattacks can have serious consequences in terms of passenger safety, privacy and service continuity. Therefore, there is an urgent need to implement adequate security measures to ensure buses are protected against these attacks.

NGFW in buses or emergency vehicles

A Next-Generation Firewall (NGFW) is an advanced firewall option that combines firewall technologies with other network security features. Some key features of an NGFW include:

• Deep packet inspection: The NGFW analyzes every data packet entering or leaving the network to detect and block known and unknown threats.
• Application and content control: The NGFW can control and block application and content traffic based on the security policies configured by the administrator.
• Integration with detection and response systems (IDS/IPS): The NGFW can be integrated with detection and response systems to automatically detect and mitigate security threats.
• Real-time threat analysis: The NGFW can use artificial intelligence and machine learning techniques to detect and block threats in real time.
• VPN encryption and security: The NGFW can provide encryption and security for VPN connections and for traffic entering and leaving the network.
• User authentication and authorization: The NGFW can be integrated into user authentication and authorization systems to ensure only authorized users gain access to the network and its resources.

In short, an NGFW is an advanced firewall that provides comprehensive and effective protection against network security threats.

Today, communications play a fundamental role for all public transport users and, in such environments, having a cybersecurity system at the cutting edge of technological developments is key.

Teldat has invested heavily in innovating and developing a cybersecurity system for the OT environment (operational technology) that protects the data of more and more users every day.

Sources

https://alicantepress.com/art/47956/la-empresa-de-autobuses-de-alicante-sufre-un-ciberataque#:~:text=El%20grupo%20Vectalia%20sufri%C3%B3%20un,y%20la%20movilidad%20en%20Alicante.

https://cadenaser.com/comunitat-valenciana/2022/06/30/un-ciberataque-complica-la-circulacion-del-transporte-urbano-e-interurbano-en-alicante-radio-alicante/