Slashdot Mirror


Hackers Manipulated Railway Computers, TSA Memo Says

An anonymous reader sends this excerpt from Nextgov: "Hackers, possibly from abroad, executed an attack on a Northwest rail company's computers that disrupted railway signals for two days in December, according to a government memo recapping outreach with the transportation sector during the emergency. ... While government and critical industry sectors have made strides in sharing threat intelligence, less attention has been paid to translating those analyses into usable information for the people in the trenches, who are running the subways, highways and other transit systems, some former federal officials say. The recent TSA outreach was unique in that officials told operators how the breach interrupted the railway's normal activities, said Steve Carver, a retired Federal Aviation Administration information security manager, now an aviation industry consultant, who reviewed the memo."

11 of 116 comments

  1. Why... by errandum · · Score: 5, Insightful

    Is a computer that controls anything like this connected to the exterior instead of its own private network?

    Why?!

    1. Re:Why... by Kenja · · Score: 4, Insightful

      So you want to roll out a private network along each mile of rail?

      Why not? In most cases that's where the major fiber cables run anyhow.

      --

      "Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
    2. Re:Why... by siddesu · · Score: 4, Insightful

      Because when the work is contracted, the work is done in a piecemeal manner in order to show a lower budget to the committee that will be approving funds. Since the budget as a rule is never enough to allow for a proper, safe design, deployment and operation, things are done haphazardly, staff is overworked and/or under-qualified and the requirements change daily and need to be completed yesterday. As a result, you get holes, and holes get exploited.

      Then some politician exploits the news to create yet another committee to investigate and countermeasure the "attacks", leaving even less money for planning and deployment, and creating more opportunities for attacks and for position for his cronies, while maintaining an image of staunch defender of National Security.

      Business as usual.

    3. Re:Why... by Anonymous Coward · · Score: 2, Insightful

      Wouldn't it be easier to just set up a VPN and secure the damn thing? I would think that should suffice provided strong security measures are in place.

  2. Well, looks like the TSA got their wish by Scutter · · Score: 4, Insightful

    Now they'll have the excuse they need to do to the rails what they've done to the airlines.

    --

    "Tell me doctor, with all of your defenses, are there any provisions for an attack by killer bees?"
    1. Re:Well, looks like the TSA got their wish by raydobbs · · Score: 4, Insightful

      +1 to this - wishful thinking given form, they are just creaming their shorts over this. It means we can be violently sexually assaulted while trying to board trains, board airlines. Now all we need is them at every bus depot, every subway terminal, all border crossings. We'll be a police state in fear of our government overlords in no time.

    2. Re:Well, looks like the TSA got their wish by ajpuciat · · Score: 3, Insightful

      Just what we need. I am guessing this isn't going to be limited to the rails either. Any mode of transportation utilizing computers will be "under attack," and we're going to stand around and get molested by the TSA. Awesome!

  3. I call bullsh*t by Anonymous Coward · · Score: 0, Insightful

    The only thing they would have access to is the equivalent of log files. We are talking big iron access. The system was designed to keep the system out of reach from anywhere outside the system itself. Developers not on the big iron don't have the access, nor would many have credentials to get anywhere useful. If there is any validity then it means someone with an H1B visa stole credentials and is using someone else's terminal to do anything. Not impossible, just improbable and easy to track down.

  4. Shenanigans! by Kenja · · Score: 4, Insightful

    To me this sounds like some contractor introduced a bug to the system and is attributing the issues it caused to "hackers". If the system is really open to attacks of this nature, then it is fundamentally flawed.

    --

    "Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
  5. Dizzy from the Spin by JoeRandomHacker · · Score: 4, Insightful

    I'm sure that it is coincidence that this sort of story gets publicity now. Nothing to do with countering the bad press the TSA has gotten today. And I'm sure there is no way this sort of thing could be prevented in the future without an all-seeing, all-knowing, all-powerful TSA keeping watch on everyone who decides not to stay in one place all the time. Nothing to see here. Move along. Except for you, and you over there. We'll need you to step over here for a moment...

  6. I worked on these too by Anonymous Coward · · Score: 2, Insightful

    When I worked on these, we had dedicated links (X25 serial in those days).

    There simply is NO EXCUSE for routing stuff like this over the public internet, VPN or not. Even a DDOS on those communications is unacceptable. If the railway techs sent that data across a public network, their employment should immediately be terminated and the railway company liable.