San Francisco’s subway services were recently the target of a cyber attack by the hackers known as “Andy Saolis”. The attack on the San Francisco Municipal Transportation Agency (SFMTA) resulted in the hackers taking control of 2,112 out of 8,500 devices, shutting down workstations, ticket machines and computers. The hackers demanded a ransom of around $73,000, and the loss in revenue for MUNI amounted to around $559,000 per day.
The SFMTA, also known as MUNI, were caught off-guard, resulting in a significant security compromise, reputational damage, and a large loss of revenue. Now the question is, what lessons can be learnt from this, and how can railway businesses secure themselves against such attacks in the future?
1. There are more risks than ever
Across the railway industry we rely on constant internet access, and connectivity has become vital to many core business functions.
What’s more, with the growth of the Internet of Things, more devices than ever are at risk of malicious attacks.
In the railway industry there are also the specific challenges of remote and small scale networks – for example on rolling stock itself – that are difficult to secure.
Hackers are continually finding new systems that lack sufficient security, and as the San Francisco incident demonstrates, it is just a matter of time before an unsecure system is exploited – and sometimes at great cost.
2. The industry is not ready for today’s cyber security challenges
While it might be easy to point the finger at MUNI’s lack of preparation, the truth is that many companies across the transport industry are unprepared for the cyber security challenges of today.
A study by cyber security experts Raytheon and Ponemon claims that 66% of organisations are not ready to address security issues for remote assets.
MUNI were the unfortunate victim this time, but cyber crime is becoming ever more sophisticated, and the railway industry needs experts to respond to new threats and help us stay one step ahead.
3. We need cyber security specialists
Alex Cowan, CEO of transport cyber defence experts Razor Secure, has warned rail, aviation and car manufacturers and operators that many more attacks on their distributed IT assets and networks can be expected in the coming year.
In a presentation at the recent Hacktrain 3.0 hackathon, Cowan described how cyber-attacks on transport networks were an ever-increasing threat to the safety of passengers. He said:
“Security vulnerabilities exist in the most unlikely places throughout all transports networks and since these networks are by definition on the move and distributed, they can be much harder to protect. They are characterised by weakness. Attacks on ‘non-critical’ networks, such as entertainment systems or passengers WiFi may seem no more than inconvenient at the time but they can be a path to much greater access for the hacker.”
Leading the technology and innovation revolution in the railways
Join a network of 20,000 innovators and key decision makers