Hackers caused a major traffic jam in Moscow after exploiting the Russian ride-hailing app, Yandex Taxi, to direct dozens of taxis to the same location at the same time on the 1st of September.
Twitter and Reddit posts shared a video showing lines of taxis trying to reach the same destination. This incident added to the well-known heavy traffic in Moscow, which has been ranked number two in the world’s most congested city last year.
Yandex said that “the jam lasted about 40 minutes, and that its algorithm for detecting and preventing such attacks has already been improved to prevent similar incidents in the future.”
The hacktivist group Anonymous, claimed responsibility for the jam on Twitter, though Yandex hasn’t confirmed the claim. Anonymous says “it worked with the IT Army of Ukraine, a loosely organized group of hacktivists that Ukrainian vice prime minister Mykhailo Fedorov helped form when Russia first invaded Ukraine”. These claims remain unverified.
The increasing connectivity, complexity, and digitalization of mobility increases the relevance of cybersecurity, as this incident demonstrates so clearly. The impact of cyber-attacks has only increased lately. The EU has strengthened the current policies by introducing the EU cybersecurity act in 2022. The EU act is a great guideline for the transportation sector to strengthen its policies and regulations.
This particular attack shows how congestion, often talked about in terms of quality of life and pollution, can also be exploited as an attack vector. One might say that we should guard against poor design in infrastructure just as much as we should guard against poor design in the digital sphere. Just as we should focus on secure and resilient built infrastructure, we should build resilient and robust digital infrastructure as well. Weaknesses in both are a vulnerability that can be exploited.
Written by Adeleh Mohammadi,
RISE Mobility & Systems