The directive is part of a wider administration effort to build resilience across a series of critical infrastructure sites nationwide.
The Transportation Security Administration issued long-awaited directives Tuesday designed to enhance the cyber resilience of the nation’s freight and passenger rail systems. The measures are part of a wider effort by the Biden administration to protect critical infrastructure against malicious hacks.
Passenger and freight rail operators will be required to develop a TSA-approved Cybersecurity Implementation Plan, which describes specific measures the company is taking.
Companies will also need to establish a Cybersecurity Assessment Program, which will be used to conduct proactive testing and regular audits of cybersecurity upgrades and check for vulnerabilities in various systems, devices and networks.
“The nation’s railroads have a long track record of forward looking efforts to secure their network against cyberthreats and have worked hard over the past year to build additional resilience,” TSA Administrator David Pekoske said in the announcement Tuesday. “This directive, which is based on performance-based measures, will further these efforts to protect critical transportation infrastructure from attack.”
The Biden administration’s efforts to protect key critical infrastructure providers stepped up folliowing the 2021 ransomware attacks on Colonial Pipeline and meat supplier JBS USA.
The measures, designed with the Cybersecurity and Infrastructure Security Agency and the Federal Railroad Administration, are intended to protect vulnerable systems that are essential to making sure trains run safely and on time.
They will specifically help address the following issues:
The TSA in December 2021 announced new directives and voluntary guidelines to boost passenger rail and higher risk freight security, primarily addressing incident reporting and coordination.
Josh Lospinoso, founder and CEO of Shift5, noted the nation’s rail industry has faced serious threats in recent years, pointing out an April 2021 attack on the Metropolitan Transportation Authority in New York by suspected state-linked hackers and a ransomware attack against the Santa Clara Valley Transportation Authority.
“The growing frequency and severity of attacks is a national security concern,” Lospinoso said via email. “Rail serves as a critical enabler of our nation’s economy.”
The rail industry was already under tremendous pressure this year, as the industry faced a potentially crippling strike by tens of thousands of workers before a deal was reached in mid September.
The Association of American Railroads said there is no higher priority for the rail industry than the safety and security of its national network.
“Collaboration between railroads and government partners on these issues has a long, productive history that will continue to maintain and advance the smart, effective solutions to keep our network safe and freight moving,” the association said in a statement.
Get the free daily newsletter read by industry experts
Threat actors lean heavily on phishing attacks, vulnerabilities in software and containers, and stolen credentials, according to top cyber vendor research.
The latest incident at Marriott is relatively minor compared to major breaches in late 2018 and early 2020, but it signals a pattern of neglect.
Keep up with the story. Subscribe to the Cybersecurity Dive free daily newsletter
Keep up with the story. Subscribe to the Cybersecurity Dive free daily newsletter
Subscribe to Cybersecurity Dive for top news, trends & analysis
Get the free daily newsletter read by industry experts
Threat actors lean heavily on phishing attacks, vulnerabilities in software and containers, and stolen credentials, according to top cyber vendor research.
The latest incident at Marriott is relatively minor compared to major breaches in late 2018 and early 2020, but it signals a pattern of neglect.
The free newsletter covering the top industry headlines
