Los Angeles Metro (L.A. Metro), the third-largest transit provider in the nation, recently introduced a new app called LA Secure, which alerts users of cybersecurity threats such as identifying “rogue” networks and malicious links, and allows users to check the legitimacy of suspicious links and sites.
“Overall, as mobility is becoming bigger and bigger parts of our lives, hackers have started focusing more of their attention on trying to use mobility devices to get private data, etc.,” said Shridhar Mittal, CEO of Zimperium, the maker of the cybersecurity technology at the heart of LA Secure.
Public Wi-Fi connections can often be vulnerable spots where hackers prey on users, stealing passwords, or somehow intercepting data, said Mittal.
Users must download the free app to get the added protections and alerts.
"We see LA Secure as another opportunity to provide greater access and equity for our transit customers, many of whom are low-income, do not have their own access to Internet services and depend greatly on public Wi-Fi services,” said Metro CEO Stephanie N. Wiggins, in a statement. “We believe everyone deserves to have a secure online experience on our system and look forward to promoting privacy protections available through this important program.”
A similar app, known as Michigan Secure, was introduced in May 2021 by the state’s chief information security officer. It is intended for local, county and state officials, as well as ordinary residents to work as an added cybersecurity protection.
“Michigan Secure alerts residents to unsecure Wi-Fi networks, unsafe apps in Android, system tampering and more,” said Caleb Buhs, director of communications for the Michigan Department of Technology, Management and Budget. “One key feature to point out is that Michigan Secure protects residents' mobile devices while not collecting or storing personal information.”
So far, some 4,100 downloads of Michigan Secure have taken place, say officials.
“That said, we have recently engaged with a marketing firm to promote the offering and increase our adoption rate of the app,” said Buhs, in an email.
Part of the advantage offered by the L.A. Metro technology is it’s able to monitor cybersecurity in real time.
“Somebody sitting in the train with you, and starts intercepting the data that’s going between your device and those Wi-Fi hot spots, those are dangerous things, and those are happening today,” said Mittal.
A report in December 2021 by the Mineta Transportation Institute at San Jose State University in California called attention to the increasing amount of data collected or managed by transit agencies, in the form of personal identifiable information (PII), financial information from fare payment systems and even movement data. Agencies were encouraged in that report to take steps to ensure the security of this data, often by adding a chief information security officer to its ranks.
And indeed, it’s CISOs who have often been behind steps to add consumer protections like LA Secure or Michigan Secure, said Mittal.
“Most of these CISOs are looking for ways to actually, directly help the citizens as opposed to just trying to protect the government,” he added. “This is a great program for them to go directly and put something out that’s going to help the residents in the city.”