Two Russian Nationals Charged For Hacking Taxi System At JFK Airport (theregister.com) 48
Thomas Claburn reports via The Register: For a period of two years between September 2019 and September 2021, two Americans and two Russians allegedly compromised the taxi dispatch system at John F. Kennedy International Airport in New York to sell cabbies a place at the front of the dispatch line. The two Russian nationals, Aleksandr Derebenetc and Kirill Shipulin, were indicted by a grand jury for conspiring to commit computer intrusions, the US Justice Department said on Tuesday. They remain at large. In early October, the two American nationals, Daniel Abayev and Peter Leyman, who were indicted last year, pleaded guilty, each to one count of conspiring to commit computer intrusions.
The scheme represented an attempt to monetize the demand among taxi drivers for lucrative airport fares -- the current flat rate for JFK to Manhattan is $70 plus additional charges. As described in the indictment (PDF), taxi drivers are required to wait in a holding lot at JFK, often for several hours, before being dispatched in the order of their arrival to airport terminals. And because time spent waiting in line is not paid, drivers have a financial incentive to avoid waiting in line. The conspirators allegedly developed a plan to hack the dispatch system around September 2019. The indictment describes several approaches that were tried, "including bribing someone to insert a flash drive containing malware into computers connected to the dispatch system, obtaining unauthorized access to the dispatch system via a Wi-Fi connect, and stealing computer tablets connected to the dispatch system."
The government's filing suggests that the group gained and lost access to the dispatch system several times. When they did have access, the alleged conspirators offered to move drivers to the front of the dispatch queue for a $10 fee, and waived the fee for those who found other drivers willing to pay to play. Many drivers took advantage of the service. According to the Justice Department, the group booked 2,463 queue cuts in a single week around December 2019. The scheme allegedly enabled as many as 1,000 trips per day that skipped the queue at JFK. The American conspirators are said to have collected the money from participating drivers and to have sent payments to the alleged Russian conspirators, describing the money transfers as "payment for software development" or "payment for services rendered." The indictment indicates that the Russians received more than $100,000 for their work. If apprehended -- which appears unlikely given current US relations with Russia -- the Russians face charges that carry a maximum sentence of ten years in prison. Abayev and Leyman each face up to five years in prison. They're scheduled to be sentenced early next year.
The scheme represented an attempt to monetize the demand among taxi drivers for lucrative airport fares -- the current flat rate for JFK to Manhattan is $70 plus additional charges. As described in the indictment (PDF), taxi drivers are required to wait in a holding lot at JFK, often for several hours, before being dispatched in the order of their arrival to airport terminals. And because time spent waiting in line is not paid, drivers have a financial incentive to avoid waiting in line. The conspirators allegedly developed a plan to hack the dispatch system around September 2019. The indictment describes several approaches that were tried, "including bribing someone to insert a flash drive containing malware into computers connected to the dispatch system, obtaining unauthorized access to the dispatch system via a Wi-Fi connect, and stealing computer tablets connected to the dispatch system."
The government's filing suggests that the group gained and lost access to the dispatch system several times. When they did have access, the alleged conspirators offered to move drivers to the front of the dispatch queue for a $10 fee, and waived the fee for those who found other drivers willing to pay to play. Many drivers took advantage of the service. According to the Justice Department, the group booked 2,463 queue cuts in a single week around December 2019. The scheme allegedly enabled as many as 1,000 trips per day that skipped the queue at JFK. The American conspirators are said to have collected the money from participating drivers and to have sent payments to the alleged Russian conspirators, describing the money transfers as "payment for software development" or "payment for services rendered." The indictment indicates that the Russians received more than $100,000 for their work. If apprehended -- which appears unlikely given current US relations with Russia -- the Russians face charges that carry a maximum sentence of ten years in prison. Abayev and Leyman each face up to five years in prison. They're scheduled to be sentenced early next year.
5 years for cutting the Queue? (Score:2)
Re: (Score:3)
should of paided your bribe to the locals
Re: (Score:2)
Re: (Score:2)
A few years ago, a young lady from that part of the world screamed that I was a racist asshole because I got a cop to write her up for parking her Escalade in a disabled spot.
Re: (Score:2)
I have seen a wheelchair only once coming out of the hundreds of cars I have seen parked in handicapped parking in the Bay Area.
Lots of fat folks with motorized scooters.
Re: (Score:1)
Nobody went to jail for this one:
https://archive.is/LLMG9 [archive.is]
While markets are supposed to ensure transparency by showing orders to everyone simultaneously, a loophole in regulations allows marketplaces like Nasdaq to show traders some orders ahead of everyone else in exchange for a fee.
One rule for the big fish another rule for the small fish...
Yo dawg! (Score:5, Interesting)
Hacking the hacks.
Re: (Score:2)
Re: (Score:1)
Considering that taxi drivers were called "hacks" longer before it was applied to computer gurus...
"Hacks hacking the hackers"
Broken by design (Score:2, Informative)
Instead of ordering taxis by arrival time, the system should have been designed to order them by "bid". In other words, biggest bids move to the front of the line. If the current "high bid" is $20, then a bid of $20.01 would make you #1, even if you just got there.
The hackers were just extracting money that the taxi drivers were willing to pay. Hardly their fault if the dumbasses running the system were not willing to extend the same value.
Re:Broken by design (Score:5, Interesting)
The fact that fares start at $70 and that there are so many taxis waiting for fares that they are willing to resort to such measures indicates that the supposed free market is broken.
This also distorts taxi service for the rest of the city, as you end up with so many taxi drivers sitting queueing for this big fare instead of being available elsewhere in the city.
They need to get rid of the artificially inflated fares, and let supply and demand set the price.
Re:Broken by design (Score:4, Insightful)
They need to get rid of the artificially inflated fares, and let supply and demand set the price.
They did. It's called "Uber".
An Uber from JFK to Manhattan is about $45 non-peak, but can surge to over $100 during busy times, as it should since prices should depend on supply and demand.
Re: (Score:2)
> They need to get rid of the artificially inflated fares, and let supply and demand set the price.
Most countries have tried that at one time or another at their major airports - and it always results in tourists getting ripped off. Ripping off the odd tourist here and there isn't great, but once you get a reputation for it, it's hard to shake it off and it massively affects your economy (assuming tourism is/was a major contributor to it). New York definitely wants tourists - I can't be bothered to googl
Re: (Score:2)
Hmm...I actually didn't know that taxis were really still a thing...?
I've not taken one since Uber/Lyft came onto the scene....so much easier with the app, more responsive, cleaner cars and MUCH more reasonable prices.
I tip well on Uber/Lyft since the actual fare is more reasonable.
Re: Broken by design (Score:2)
I see youâ(TM)ve never actually visited NYC. It is well known for scamming tourists throughout the city. From panhandling to yellow cabs to Chinatown and Times Square.
Re: Broken by design (Score:5, Insightful)
There is already plenty enough competition in driving people for money that it's hanging right there on the It's-not-worth-doing-this line.
Competition drives down costs, but only asymptotically to the cost of production. Double the competition, you get maybe a few cents lower prices, if it's already close to the cost of production.
But you know what doesn't move asymptotically? Incentive to cheat. As this news story illustrates: When you live on the margin, when everyone is barely getting by, those who cheat even a little will have a tremendous advantage. It's the same reason there's so much doping in Tour de France: all the legitimate ways of getting even a tiny edge on your competition have already been exhausted. And the cost of policing, of keeping people honest, quickly eclipses the tiny savings from getting ever so slightly closer to the asymptote.
So your auction scheme would make things worse, I guarantee it. I don't know exactly what way they would find to cheat, but they'd find one. If not they wouldn't be driving for long.
If glibertarians got their way on such things, you'd certainly get cheap taxis, but the only way taxi drivers could make a living was by occasionally selling one of their passengers to the Mafia's kidney harvesting operation.
Re: (Score:2)
This is an internet winner for the day.
Re: (Score:3)
That would simply result in a smaller number of operators paying to put everyone else out of business, and then jacking up their own prices once the competition has been eliminated.
The goal here is to make the airport accessible. A FIFO for taxis makes sense - prices are controlled for customers, the service is provided for the benefit of the airport, and the taxi drivers get fairly compensated without being exploited.
Re: (Score:3)
It has the other advantage/disadvantage of limiting the competition by tolerance for sitting around making no money. This will generally be good until supply is constrained, then getting a cab would be nigh-impossible and the response to the demand would be slow.
Which was the problem with cab services in general pre-Uber. Bunch of dirty cars driven by unpleasant individuals because the economics of the business did not reward correcting these issues.
Unintended Consequences (Score:2)
of the airport demanding a cut of taxi revenue.
Re: (Score:2)
But NY taxi drivers have a union!
The union would also want their cut of the pie.
Yes but it's a castrated union. The medallion owners inherently retain most of the power.
Backstory: NYC 'medallion cabs' are exactly that. Each taxi has a physical, serialized medallion attached to it which grants the 'right' to hire a street-hail taxi in NYC (and exclusively in lower Manhattan). These medallions are considered property, transferrable, lendable, and salable. If you own 10, you can operate 10 taxis 24/7/365 in NYC. There's a total of about 14,000 medallions - a supply that's only increa
Revoke the medallions (Score:4, Insightful)
If you don't revoke the medallions you're just encouraging this type of shit to continue.
Re: (Score:3)
If you don't revoke the medallions you're just encouraging this type of shit to continue.
If you revoke the medallions then you're just encouraging the taxi drivers to form gangs, which will encourage even more of this shit in far greater severity.
If you think there is a flaw with they system, fix the system. Destroying it almost always results in something worse.
Bigger problems (Score:5, Insightful)
Re:Bigger problems (Score:4, Interesting)
This is the reason companies like Uber are able to come in and clean their clocks. Taxi services are often protected by mandated monopolies and have no incentive to get more efficient becuase the drivers have no choice but to participate and the customers have no choice but to pay.
And then Uber comes along and says "Fuck it, we'll pay the fine for just ignoring the system" and clean up leaving traditional drivers in their dust.
None of this is innevitable. I bid on a contract about 12 years ago to implement a phone app for my local taxi company, my suggestion had all the mods and cons that the later Uberapp would have inclluding the tracking map, a fast no-nonsense booking system, and a way to contact drivers. It would have revolutionized their operations and been a huge win for both driver and customer ,and they could have had it for a cool $15K (I figured it was 3 weeks work + 2 weeks of debugging and deployment, and at the time I was charging $3K a week). They went with a very ugly and disfunctional app from my main competitor for $8K that never really worked right and their customers hated it. They didnt like the map because they thought customers just wanted to know one was coming, not how or when. They where paranoid about how easy the payment system was, and most of all they want to go cheap.
And then 3 years later Uber showed up WITH those features and slaughtered them in the market. They lose more per day than they saved going with the cheaper option.
And they'll keep making that mistake forevver until they wake up.
Re: (Score:2)
It's a shame that Uber/Lyft/etc. have developed so many problems over the years cuz the alternative (taxi monopolies) is awful in comparison.
Re: (Score:2)
What's the problem(s)?
They work wonderfully well where I live and wherever I travel.....
Hell, I haven't seen a taxi cab in ages....
Re: (Score:2)
>They went with a very ugly and disfunctional app
Was it New York?
I tried the taxi app in New York the last time I was there. It was crap, didn't work and failed to accept payment.
Re: (Score:2)
Nah, Australia. But I've heard some pretty wild stories about general fuckery in the NYC taxi services so its probably not too far off whatever went wrong there.
Re: (Score:2)
From a passenger's standpoint, the biggest problem with the taxi queues at airports like JFK and LGA is that they are served serially rather than in parallel. Even though there are often long lines of passengers waiting for a cab, the dispatchers serve them one at a time rather than telling the next, say, eight people to line up on the sidewalk and direct eight cabs pull up at once. It's maddeningly slow, pointless, and inefficient.
At PDX they were doing it the buffered parallel way like you described on one of my trips. The problem is they change whatever the scheme is faster than I visit the airport. So every time I arrive, I need to work out however the Lyft/Uber queue works on the day. There are usually some traveler who still think it works the same way as it did the last time they were there and so mess things up by acting accordingly.
It's all one giant scam (Score:4, Interesting)
I had taxi drivers yelling some nasty things at me while I was trying to get a fixed rate to go down to one trade center from central park. I only had like 12 dollars cash, so I went from taxi to taxi asking who was willing to do it for 12 dollars. The first several taxi's said they couldn't tell me how much it would be and it was illegal to offer the ride to someone else in the taxi line. They didn't like it when I found a driver willing to take it, they hurled insults at me and the driver as we drove away.
It's time for payback (Score:2, Insightful)
Very few of these Russian hacker groups ply their trade without the tacit approval of the Russian government. Given that the Ukrainians have pulled down Russia's pants and given it some prison love, why not give Russia a taste of its own medicine, with US-based hackers targeting Russia's supply chains and infrastructure? Putin's invasion is still fairly popular with most Russians because except for families who have lost loved ones in combat, average Russians haven't paid a price.
Re: (Score:2)
Because that will backfire. The Russian people won't blame their government for the hacking, they will blame the US and Ukraine. It will increase support for the invasion by demonstrating to them that Russia is under attack and must defend itself.
Re: (Score:3)
Accurate, but believing this reality distortion field only operates in one direction would be incorrect.
Re: (Score:2)
You going to hack their PDP-11 clones running DECnet?
Re: (Score:2)
why not give Russia a taste of its own medicine, with US-based hackers targeting Russia's supply chains and infrastructure?
It is one thing for Ukraine to hack at Russian targets while they are under invasion from Russia (strike back as best you can...) but it is a far different thing to have the US attack Russia (especially civilian infrastructure).
If you feel yourself justified in taking matters into your own hands and going vigilante I will not stop you, but don't expect the US to look favorably on your work if you get caught.
Re: (Score:2)
Perhaps I'm mis-remembering, but I seem to recall Russian computer experts of one kind or another have been fairly active in anti-US operations over a period of years.
Re: (Score:2)
Yes.
While I think that that should be treated as a serious international incident... it is not the same as what is happening in Ukraine.
Modern pricing.. (Score:2)