Share this article on:
Two men were charged late last month over a scheme involving gaining access to the taxi dispatch system at JFK International Airport in the United States. The pair worked with an unnamed Russian hacking group to allow taxi drivers to jump queues and gain faster access to pickups from the airport.
Peter Leyman and Daniel Abeyev were arrested on the 20th of December last year. The Russian hackers who worked with them, however, remain at large.
The pair’s scheme operated for two years, between September 2019 and September 2021.
Normally, when a cab arrives at JFK, it enters a holding lot where it must wait before being contacted by the airport’s dispatch system and then being sent to a terminal. Generally, cabs are assigned on a first come, first served basis.
Leyman and Abeyev had already tried a number of ways to get access to the dispatch system before contacting their Russian partners, including bribes to insert a USB key into the system and stealing tablets connected to the system. But in November of 2019, Abeyev contacted the Russian hackers via a messaging app.
“I know that the Pentagon is being hacked[.]. So, can’t we hack the taxi industry[?],” he asked, in Russian.
Once the Russians had gained access to the dispatch system for them, the two men used a large group chat to offer expedited fares to drivers via a large group chat. They would announce “Shop open”, and then for US$10 — out of a US$52 flat fee for airport pickups — drivers could effectively jump the queue.
Other drivers were not charged but were asked to promote the scheme to other drivers instead. The scheme allegedly allowed as many as 1,000 drivers to skip the queue each day it was in operation.
“For years, the defendants’ hacking kept honest cab drivers from being able to pick up fares at JFK in the order in which they arrived,” said Damian Williams, attorney for the Southern District of New York. “Now, thanks to this office’s teamwork with the Port Authority, these defendants are facing serious criminal charges for their alleged cyber crimes.”
Both men have been charged with two counts of conspiracy to commit computer intrusion, and if convicted, could face up to 10 years in prison.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.