Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Railway Network Disrupted After Cyber Attack, Report Says

Last December, train service and rail schedules were disrupted, according to a TSA memo, after intruders managed to access the network of a rail company in the Pacific Northwest. Initially, the incident was thought to be a targeted attack, but further investigation shows that wasn’t the case.

Last December, train service and rail schedules were disrupted, according to a TSA memo, after intruders managed to access the network of a rail company in the Pacific Northwest. Initially, the incident was thought to be a targeted attack, but further investigation shows that wasn’t the case.

Government News portal, Nextgov, broke the story after they obtained a memo from the TSA that reported on an attack detected at the unknown rail company, which disrupted railway signals for two days, and delayed schedules for about 15 minutes. This occurred on Dec. 1, and the following day a second incident was detected, but it caused no additional disruptions.

Investigators at the TSA reportedly identified three IP addresses, which led them to conclude that the attacks were intentional and originated from overseas. They would not however, mention the IP origin.

“Some of the possible causes lead to consideration of an overseas cyberattack,” the memo explained, offering nothing further.

As it turns out, after talking to the Department of Homeland Security – the agency that manages the TSA – the attack wasn’t as deliberate as it first appeared. Nextgov reports that officials there told them the attacks were a random event.

The dispute was also confirmed on the record to Nextgov, by a spokeswoman for the Association of American Railroads. “There was no targeted computer-based attack on a railroad,” said Holly Arthur.

“Railroads closely monitor cyber security as a fully integrated part of both the industry’s overall security plan, as well as individual company plans. Continuous coordination on cyber security occurs across the industry and with the federal government.” The Nextgov report is here.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how the LOtL threat landscape has evolved, why traditional endpoint hardening methods fall short, and how adaptive, user-aware approaches can reduce risk.

Watch Now

Join the summit to explore critical threats to public cloud infrastructure, APIs, and identity systems through discussions, case studies, and insights into emerging technologies like AI and LLMs.

Register

People on the Move

Jessica Newman has joined Sophos as General Manager of Global Cyber Insurance.

Breach and attack simulation solutions provider AttackIQ has appointed Pete Luban as Field Chief Information Security Officer.

Matthew Cowell has assumed the role of VP of Strategic Alliances at Nozomi Networks. He previously served in the same role at Dragos.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.