On first of September the ride-hailing service ‘Yandex Taxi’ got hacked by Anonymous and the IT Army of Ukraine. Attack details have not been published, but they claim to have hacked the mobile application. The details available are that the attackers made a huge number of bogus taxi orders to the city centre of Moscow, which led to a massive traffic jam. A video on Twitter shows a taxi driving past the other dozens of taxis going the same direction within the traffic jam caused by the hack.
This hack highlights the impact on a sociotechnical system – that such attacks can have a direct impact on our mobility and can potentially have severe consequences, when considering, for instance, emergency vehicles not being able to get to the accident location, the fire, or back to the hospital in time.
This, however, is not the first time that the consequences and vulnerabilities in mobility solutions were demonstrated. As early as in 2020 a Berlin-based artist, Simon Weckert, demonstrated that he could cause a traffic jam to be shown in Google Maps by carrying a cart with 99 second-hand phones along an empty street. This information could in turn change the route planning and make the map provider re-route the traffic through another route, for example, narrow streets in the city centre. Other attack examples aiming to disrupt our mobility are, for instance, ways to falsely tell vehicles that all charging spots are taken.
These attacks and more highlight that future mobility solutions must integrate their services in some way in order to be able to identify such attacks which are targeted either at spreading misinformation or are subject to a cyberattack. The term information resilience can be used in such a context and highlights that (future) mobility solutions need to have means to verify events with other sources (or services) to limit the impact of such attacks.
Written by Thomas Rosenstatter