https://wtop.com/tracking-metro-24-7/2019/03/why-metro-is-trying-to-hack-into-its-own-railcars/
By Max Smith
WTOP.com
March 15, 2019
Metro plans to hack its own new 7000 Series railcars over the next few months
to figure out whether missing cybersecurity requirements in the contract left
Metro data exposed or riders at risk.
The "penetration testing" will be completed by the end of August, a response to
Metro’s Office of Inspector General said. The last of the 748 new railcars are
due to be delivered within the next year.
"While it is too late to affect the procurement, we will be able to leverage
this test to identify any severe cybersecurity vulnerabilities in those cars
and begin the process of remediation," the management response said.
Such "white hat" hacking is a common cyber defense tool, and it's extremely
important now because Metro had no specific cybersecurity requirements in place
for contracts beyond some vague references, Inspector General Geoff Cherrington
said.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
