By Mary Grlic
The United States Department of Justice recently announced the arrest of two men for “conspiring with Russian nationals to hack the taxi dispatch system at JFK airport.” The suspects, Daniel Abayev and Peter Leyman, both from Queens, New York, hacked into JFK’s NYC taxi cab dispatch system to make modifications so that certain taxi drivers could go to the front of the line. This crazy scheme shows just how important it is to protect critical infrastructure, and just how easy it was for outsiders to gain access to these systems.
Taxi drivers typically wait in a holding lot before dispatching. To make things fair, a computer system ensures that each driver leaves in the order in which they arrived. This way, a single driver doesn’t get more rides or receive an abnormally higher fare in comparison to others. Abayev and Leyman hacked the system so that drivers could head to the front of the line without waiting in the queue, which could last up to several hours.
How did they do it?
Drivers would secretly pay $10 just to cut ahead and avoid the long lines. They would communicate via group chat, where Abayev and Leyman would tell the drivers that the shop was “open” when they had control of the system for the day, according to the indictment. To avoid detection by law enforcement, they sent a series of messages, like “Do not wait at the gas station in JFK… You have to be very, very careful.” The scheme itself spread through word of mouth. Members of the scheme waived the $10 fee for some drivers so that they would recruit other taxi drivers to come in and join the scheme. This way, they could get more and more drivers to become a part of the cab scheme. The conspirators registered somewhere near 1,000 vehicles on a given day – that means $10,000 each day.
This scheme is nothing new. In fact, it has been going on since 2019. Abayev wrote to his Russian contacts back in November 2019, “I know that the Pentagon is being hacked… So, can’t we hack the taxi industry[?]” The two men used a few ways to hack into JFK’s taxi dispatch system, allowing them to keep the scheme going for about two years. For instance, they bribed someone to use a malware-infused USB drive on one of the dispatch operator’s devices. They also gained unauthorized access to the system via Wi-Fi and stole a tablet to gain access. Both men were charged with two counts of conspiracy and can face up to 10 years in jail.
Transportation as a Targeted Industry
John F. Kennedy International Airport, located in Queens, NY, is one of the largest airports in the country. With so many people flying in and out of the airport, the taxi system certainly makes some substantial money transporting individuals to their requested destinations. The current taxi dispatching system has been around for nearly 30 years. The Port Authority says that the system dispatches somewhere between 300 and 400 taxis during peak periods. It’s clear that JFK is a busy hub, making it a valuable target to hackers. As mentioned earlier, the taxi dispatch queue could last up to several hours. That’s a lot of time for drivers to be waiting in a cab. Keeping that in mind, it’s tempting to fall into such a scheme. With such a large number of taxi cabs, JFK was a clear target.
The taxi scheme leads to a lot of questions: just how secure was the dispatch system to begin with? Is the transportation sector well protected from cyber attacks? What else could have transpired without proper action? This is just another of the many examples of a cyber attack. Hackers were able to defraud an established transportation network using computers.
Cyber attacks and hacking are becoming threats for various sectors and the transportation industry certainly isn’t out of the question. This includes small and large transportation agencies, port authorities, the aviation sector, railways, and even roads. Cyber attacks on that infrastructure are only rising in numbers. The Port of Los Angeles, for example, is fighting more than 40 million cyber attacks a month.
How could this be avoided?
Good cybersecurity practices and IT infrastructure will help the transportation industry avoid situations like these. This isn’t the first instance of a cyber breach in the transportation sector. For example, in 2021 a cyber attack on the Metropolitan Transportation Authority (MTA) threatened three devices for several days. The MTA claims that the hackers did not steal any customer data or tamper with their critical system. Even though the situation was not dire, the threat is proof that the transportation industry is surely not immune to cyber risks like these.
Technologies change frequently, so keeping any dispatch systems up to date is essential to prevent attacks like this from happening. Having secure software and hardware will work best to protect industries. In the JFK hacking scheme, the conspirators not only accessed the dispatch system but also stole a tablet. Having proper verification to log into a device is essential to make sure that there is no unauthorized access. Using two-step authentication is the best way to protect accounts from hacking. A USB security key is one of the best examples of multi-step verification. This way, the computer could not be logged into unless it was by an authorized person.
Keeping devices stowed away in a secure environment is also essential. In the transportation industry, it may be difficult to do so with so many moving parts. But this event could have been avoided to some extent if devices were more securely hidden or protected. The lack of security meant that the hackers were easily able to steal credentials and install malware on the computers. Knowing they can do so, it’s probable that they could do something even worse, like installing ransomware and putting the entire industry at risk.