Hackers Manipulated Railway Computers, TSA Memo Says 116
An anonymous reader sends this excerpt from Nextgov:
"Hackers, possibly from abroad, executed an attack on a Northwest rail company's computers that disrupted railway signals for two days in December, according to a government memo recapping outreach with the transportation sector during the emergency. ... While government and critical industry sectors have made strides in sharing threat intelligence, less attention has been paid to translating those analyses into usable information for the people in the trenches, who are running the subways, highways and other transit systems, some former federal officials say. The recent TSA outreach was unique in that officials told operators how the breach interrupted the railway's normal activities, said Steve Carver, a retired Federal Aviation Administration information security manager, now an aviation industry consultant, who reviewed the memo."
Re:Why... (Score:4, Interesting)
Here here! In addition they have their own swath of wireless bandwidth for their radios that could be reapportioned for this by going to digital radios.
Re:You never know... (Score:5, Interesting)
Trains, in my buildings?
It's more likely than you think.
Re:Why... (Score:5, Interesting)
Re:Why... (Score:4, Interesting)
Sounds awfully simliar to... (Score:4, Interesting)
Train control has gone Linux/Ethernet/IP (Score:5, Interesting)
Railroad signalling used to be all special purpose hardware. Not any more. Here's the "VitalNetâ Wayside Message Server" [ptc-asts.com]. Runs Red Hat Linux. Talks "Interoperable Train Control Messaging" protocol.
It gets worse. Here's a General DataComm unit for railroad signal control. [gdc.com] "SC-ADT ports configured for Telnet/ SSH sessions, for bypass transport (port forwarding), and to convert async PPP data to IP for transport over a cellular data network. SC-ADT managed via Telnet, SSH, SNMP, FTP, TFTP and HTTP from the Dispatch Facility. "
TFTP? FTP? Telnet? What's wrong with this picture?
There's even a hobbyist program for listening in on signal control traffic [atcsmon.com], some of which is passed around on unencrypted radio links.
Sounder Train or Westside Express Service? (Score:4, Interesting)
The article tells us that this event happened to a railroad that (1) is in the Northwest, (2) runs scheduled trains during the workweek (Dec 1 was a Thursday) and (3) has frequent enough service that a 15 minute delay would be noticed.
It appears to me that the railroad described is either Washington State's Sounder Train (en.wikipedia.org/wiki/Sounder_commuter_rail) or Oregon's Westside Express Service (WES) (http://en.wikipedia.org/wiki/Westside_Express_Service).