In two separate ransomware attacks earlier this year, cyber criminals disrupted operations at the Colorado Department of Transportation (CODOT) for several weeks.
In this case, the damage was not as detrimental as it could have been but it still begs the question: are the defenses of our local and state transportation systems sufficiently protected to withstand a cyber attack, or is the infrastructure of our transportation systems an easy and porous target for cyber criminals?
Besides the CODOT incident, there have been a number of other cybercrime attacks on transportation systems recently.
Back in 2016, the light rail system in San Francisco was hacked halting access to agency emails and the computer system while hackers demanded bitcoin payment to unlock the hacked computer systems (which the department refused to pay).
The city of Atlanta’s department of transportation was hit too and took months to recover from the ransomware attacks that disrupted operations and interfered with services.
These are just a few of the many reported examples of hacking to transportation systems. The transportation sector is particularly vulnerable to cyber attacks in part because of the inherent dependence on technology.
According to the Transportation Systems Sector-Specific Plan published by Homeland Security and the U.S. Department of Transportation, this vulnerability is due to the “...growing reliance on cyber-based control, navigation, tracking, positioning and communications systems, as well as the ease with which malicious actors can exploit cyber systems serving transportation.”
The fallout from cyber attacks can sometimes be felt by organizations for many months.
In addition to service interruptions, cybercrime can also impact daily operations and result in the exposure of sensitive data. Below are sample impacts of cyber attacks in the transportation sector:
- Disruption to traffic lights, toll booths and electronic traffic signs
- Interruption of ticket machines and fare gates
- Blocked access to important files and data
- Theft of sensitive information from emails
- Interruption of payroll services
- Theft of personally identifiable information (“PII”)
- Blocked access to computer systems, resulting in employees using personal devices for work
The greatest fear faced by transportation agencies is the potential for accidents, mass chaos, and even injuries or loss of life due to disruptions to critical infrastructure.
Many of the systems utilized by the transportation sector were put in place decades ago with no thought of cybersecurity.
The Transportation Systems Sector-Specific Plan specifically points out the elevated risk in transportation due to the aging infrastructure used across the industry. In fact, in cases where transportation entities have adopted new technology, it has generally been with the goal of increasing efficiency rather than protecting against cyber threats.
Another challenge is that some legacy transportation systems now interface with public applications for ticketing and scheduling and rely on networked devices for routing, positioning, tracking and navigation.
This presents multiple potential entry points for hackers.
Strategies and Solutions
A robust risk management program often begins with a full security risk assessment of all systems to better understand any uncover all vulnerabilities. A thorough review should be done of all networked devices. Since obsolete operating systems are easy targets for attacks, they should always be patched or updated.
Also, all IoT devices and applications connected to back end systems should be locked down. With the growth of “smart cities”, it is likely that greater number of municipal systems will be connected, potentially further increasing the damage that are caused by attacks to transportation systems.
Attila’s GoSilent products are highly flexible and secure systems by locking down network access and encrypting ALL data.
Learn more about Attila’s GoSilent products and next generation technology.