RAIL
Rail operators that support major hubs and cities worldwide are prime targets for threat actors. Likewise, freight rail, together with trucking, maritime shipping, ports, and warehousing constitute the intermodal transportation network, which is the foundation for the modern global economy and global supply chain. This global supply chain has come under increasing kinetic and cyber threat due to geopolitical pressures. The combination of equipment with a long lifecycle, complex supply chains and architectures, and the critical nature of rail services explains why rail networks so often face significant security breaches leading to data theft, network compromise, and ransomware blackmail attempts. Cybersecurity in railways is becoming a growing issue for a number of reasons, such as: interconnectivity, state-of-the-art technology, sophistication of cyberattacks, and increased value of rail assets.
For decades, IOActive has supported the rail transportation industry by providing cybersecurity and risk management support to OEMs, suppliers, and vendors.
We have conducted security assessments for locomotive systems and hardware including event recorders, train door control systems, remote control and distributed power networks, and dispatch setups.
Furthermore, our security experts have developed attack scenarios to measure the security of Positive Train Control (PTC) systems and have performed penetration tests for locomotive monitoring software and both web and cloud-based systems. In addition, we have conducted wireless and RF locomotive security assessments.
During our assessments, we are able to assume the posture of external attackers to simulate real-world threat scenarios, exposing weak security controls and vulnerabilities, and providing recommendations for resolution.
IOActive is a member of American Public Transportation Association (APTA’s) Control and Communications Security (CCSWG) Working Group. For the past 14 years, the CCSWG has published white papers and recommendations for Transit cybersecurity practices.
In October 2023, the Transportation Security Administration (TSA) updated three security rail directives to further enhance cybersecurity preparedness and resilience for the nation’s critical railroad operations, with the goal to reduce the risk cybersecurity threats pose to critical railroad operations and facilities:
- Enhancing Rail Cybersecurity
- Enhancing Public Transportation and Passenger Railroad Cybersecurity
- Rail Cybersecurity Mitigation Actions and Testing
Related Resources / Research:
- APTA Cybersecurity Resources
- TSA renews cybersecurity requirements passenger and freight railroad (Press Release)
- TSA Security Directives and Emergency Amendments
IOActive’s cybersecurity expertise allows us to assist our customers with managing current and emerging threats, safeguarding supply chains, end users, customers, and society at large.
At IOActive, we take pride in supporting our transportation clients, assisting them to identify and manage the risks to their transportation networks and products worldwide.
Through our dedication to groundbreaking research, IOActive conducts research into vulnerabilities and risk factors that enhance global security standards and protocols. That is why the Global 1000 trusts us to help protect their assets, supply chains, and customers.