Connect with us

Hi, what are you looking for?


IoT Security

Norfolk Southern Says a Software Defect — Not a Hacker — Forced It to Park Its Trains This Week

Norfolk Southern believes a software defect — not a hacker — was the cause of the widespread computer outage that forced the railroad to park all of its trains.

Norfolk Southern train hacking

Norfolk Southern believes a software defect — not a hacker — was the cause of the widespread computer outage that forced the railroad to park all of its trains for most of a day earlier this week.

The railroad said Friday that it traced Monday’s problem to a defect in the software one of its vendors was using to perform maintenance on its data storage systems.

Both the railroad’s primary and backup systems became unresponsive at the same time. The update was made to one system and then automatically copied to the other system allowing the defect to spread. Norfolk Southern didn’t identify the vendor except to call it “a leading global technology provider.”

The railroad, based in Atlanta, reiterated that it has found no evidence that the outage was caused by “an unauthorized cybersecurity incident.”

Norfolk Southern said it has been making progress in clearing up the backlog of trains that accumulated while its network of nearly 20,000 miles of track in the Eastern U.S. was shut down. The railroad has been working to keep its customers updated on their shipments, but it has said the effects of the outage could linger for a couple weeks.

Regulators have been scrutinizing Norfolk Southern’s operations ever since a fiery February train derailment in Ohio forced thousands of people to evacuate their homes because of concerns about the toxic chemicals the train was carrying. The cleanup from that derailment is ongoing.

A package of railroad safety reforms members of Congress proposed after the Ohio derailment has stalled in the Senate and has yet to get a hearing in the Republican-controlled House.

Advertisement. Scroll to continue reading.

Related: Two Men Arrested Following Poland Railway Hacking

Related: New TSA Directive Aims to Further Enhance Railway Cybersecurity

Related: Belarus Hacktivists Target Railway in Anti-Russia Effort

Related: TETRA Radio Standard Vulnerabilities Can Expose Military Comms, Industrial Systems

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

IoT Security

A vulnerability affecting Dahua cameras and video recorders can be exploited by threat actors to modify a device’s system time.

IoT Security

An innocent-looking portable speaker can hide a hacking device that launches CAN injection attacks, which have been used to steal cars.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

IoT Security

Researchers at offensive hacking shop Synacktiv demonstrated successful exploit chains and were able to “fully compromise” Tesla’s newest electric car and take top billing...

Cybersecurity Funding

Internet of Things (IoT) and Industrial IoT security provider Shield-IoT this week announced that it has closed a $7.4 million Series A funding round,...

IoT Security

Vulnerabilities in electric vehicle charging management systems can be exploited for DoS attacks and to steal energy or sensitive information.

IoT Security

Chinese video surveillance company Hikvision has patched a critical vulnerability in some of its wireless bridge products. The flaw can lead to remote CCTV...