Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Railway Network Disrupted After Cyber Attack, Report Says

Last December, train service and rail schedules were disrupted, according to a TSA memo, after intruders managed to access the network of a rail company in the Pacific Northwest. Initially, the incident was thought to be a targeted attack, but further investigation shows that wasn’t the case.

Last December, train service and rail schedules were disrupted, according to a TSA memo, after intruders managed to access the network of a rail company in the Pacific Northwest. Initially, the incident was thought to be a targeted attack, but further investigation shows that wasn’t the case.

Government News portal, Nextgov, broke the story after they obtained a memo from the TSA that reported on an attack detected at the unknown rail company, which disrupted railway signals for two days, and delayed schedules for about 15 minutes. This occurred on Dec. 1, and the following day a second incident was detected, but it caused no additional disruptions.

Investigators at the TSA reportedly identified three IP addresses, which led them to conclude that the attacks were intentional and originated from overseas. They would not however, mention the IP origin.

“Some of the possible causes lead to consideration of an overseas cyberattack,” the memo explained, offering nothing further.

As it turns out, after talking to the Department of Homeland Security – the agency that manages the TSA – the attack wasn’t as deliberate as it first appeared. Nextgov reports that officials there told them the attacks were a random event.

The dispute was also confirmed on the record to Nextgov, by a spokeswoman for the Association of American Railroads. “There was no targeted computer-based attack on a railroad,” said Holly Arthur.

“Railroads closely monitor cyber security as a fully integrated part of both the industry’s overall security plan, as well as individual company plans. Continuous coordination on cyber security occurs across the industry and with the federal government.” The Nextgov report is here.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cyberwarfare

Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Cyberwarfare

Several hacker groups have joined in on the Israel-Hamas war that started over the weekend after the militant group launched a major attack.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cyberwarfare

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Cybercrime

On the first anniversary of Russia’s invasion of Ukraine, cybersecurity companies summarize the cyber operations they have seen and their impact.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...