According to Nextgov, on two consecutive days, the rail firm’s computers were hacked, on the first occasion the attackers managing to delay train circulation by around 15 minutes. The second incident was immediately detected and no delays were recorded.
Even though recently there was a lot of concern regarding the security of critical infrastructures, the transportation sector has been neglected and the effects are already showing.
A memo from the TSA revealed that in this case the attack came from overseas, investigators identifying three IP addresses that were behind the hit.
While the origin of the IPs was not made public, alerts were sent out to several hundreds of railroad companies and other transportation agencies to make sure they keep an eye out for potential threats.
However, additional analysis made by the DHS has shown that the attack may not have been targeted.
“On December 1, a Pacific Northwest transportation entity reported that a potential cyber incident could affect train service,” said DHS spokesman Peter Boogaard.
“The Department of Homeland Security, the FBI and our federal partners remained in communication with representatives from the transportation entity in support of their mitigation activities and with state and local government officials to send alerts to notify the transportation community of the anomalous activity as it was occurring.”
Since they’re not too eager to publicly acknowledge data breaches, it’s unclear if other companies were affected by similar incidents, but it’s clear that the transportation sector needs to put some more effort into security measures before a more serious incident occurs.