http://www.nextgov.com/nextgov/ng_20120123_3491.php
By Aliya Sternstein
Nextgov
01/23/2012
Hackers, possibly from abroad, executed an attack on a Northwest rail
company's computers that disrupted railway signals for two days in
December, according to a government memo recapping outreach with the
transportation sector during the emergency.
On Dec. 1, train service on the unnamed railroad "was slowed for a short
while" and rail schedules were delayed about 15 minutes after the
interference, stated a Transportation Security Administration summary of
a Dec. 20 meeting about the episode obtained by Nextgov. The following
day, shortly before rush hour, a "second event occurred" that did not
affect schedules, TSA officials added. The agency is responsible for
protecting all U.S. transportation systems, not just airports.
"Amtrak and the freight rails needed to have context regarding their
information technical centers," the memo stated. "Cyberattacks were not
a major concern to most rail operators" at the time, adding, "the
conclusion that rail was affect [sic] by a cyberattack is very serious."
While government and critical industry sectors have made strides in
sharing threat intelligence, less attention has been paid to translating
those analyses into usable information for the people in the trenches,
who are running the subways, highways and other transit systems, some
former federal officials say. The recent TSA outreach was unique in that
officials told operators how the breach interrupted the railway's normal
activities, said Steve Carver, a retired Federal Aviation Administration
information security manager, now an aviation industry consultant, who
reviewed the memo.
[...]
_____________________________________________________
Did a friend send you this article? Make it your
New Year's Resolution to subscribe to InfoSec News!
http://www.infosecnews.org/mailman/listinfo/isn
