Mass Transit - 23
CYBERATTACKS
WannaCry attack on Deutsche
Bahn illustrates perfectly that
ignorance is not always bliss.
The Deutsche Bahn security
team identified the virus at a
very early stage of the infection.
However, according to an analysis by DB Netz AG cyber expert
Christian Schlehuber, provided
to the Intelligent Rail Summit
2017 in Vienna, the organization had no plans for defending
against such an attack. Moreover, as the attack took place at
night, the team could not reach
relevant management to formulate a plan and receive permission to implement it. Schlehuber
described the company's "incident management processes" as
"challenged."
The Deutsche Bahn experience
underscores the importance of
simulating and emulating various
attack scenarios and developing
comprehensive response strategies in advance.
Securing rail with
active defenses
Faced with the increased threat
of a devastating cyberattack, what
can rail transportation firms do
to protect themselves?
Railroad firms can successfully defend both their IT and
their OT infrastructures against
the most determined attack by
going beyond the static, fixedline defense strategies of conventional cybersecurity. Instead,
rail transport firms should adopt
agile, active cyber defenses based
on data-driven intelligence and
continuous cyber surveillance
that covers not only IT infrastructure but also industrial control
systems, both IP-enabled and
legacy. Cyber surveillance should
also include all interfaces between
IT infrastructure and control and
operational technologies.
Continuous network monitoring, analytics and intelligence enables firms to adopt active defense
strategies against cyberattacks.
Such an approach also opens the
way to intelligence-led and data-driven approaches to technological and legal cyber remedies.
Rail transport companies
must aim for defenses in depth.
Such defenses require identifying all points of vulnerability, in
both operations and information
technology systems, and understanding how they can interact,
possibly in completely unexpected ways. Defense in depth is crucial: It can slow down attackers,
provide early warning and give
defenders the time and space to
organize and implement prepared response plans to defend
rail systems.
Vlad Gostomelsky
is managing
consultant,
Security Consulting
at Spirent
SecurityLabs.
Gostomelsky is a
security researcher
with a passion
for securing
technology that
makes civilized
life possible. He
is focused on
satellite systems
security, SCADA
systems supporting
the critical
infrastructure and
wireless networks.
For more information, visit www.MassTransitmag.com/10065485
DECEMBER 2019/JANUARY 2020 | MassTransitmag.com | Mass Transit |
23
�
http://wash-bots.com
http://www.MassTransitmag.com/10065485
http://www.MassTransitmag.com
Mass Transit
Table of Contents for the Digital Edition of Mass Transit
Editor's Notebook: A Glance Back Before Moving Ahead
People & Places: The Latest Industry and People News and Updates
From Smart City to Hyperconnected City - What's Next in Digital Innovation?
A Service Turnaround: How King County Metro is Making its Paratransit Service More than a Solution
Securing the Railroads from Cyberattacks
Products: In Focus - Shelters, Stops & Stations
Mass Transit Supplier Directory 2020: Company Listings
Mass Transit Supplier Directory 2020: Product Category Listings
Classifieds
Mass Transit - 1
Mass Transit - 2
Mass Transit - 3
Mass Transit - 4
Mass Transit - 5
Mass Transit - Editor's Notebook: A Glance Back Before Moving Ahead
Mass Transit - 7
Mass Transit - People & Places: The Latest Industry and People News and Updates
Mass Transit - 9
Mass Transit - 10
Mass Transit - 11
Mass Transit - From Smart City to Hyperconnected City - What's Next in Digital Innovation?
Mass Transit - 13
Mass Transit - 14
Mass Transit - 15
Mass Transit - A Service Turnaround: How King County Metro is Making its Paratransit Service More than a Solution
Mass Transit - 17
Mass Transit - 18
Mass Transit - 19
Mass Transit - Securing the Railroads from Cyberattacks
Mass Transit - 21
Mass Transit - 22
Mass Transit - 23
Mass Transit - Products: In Focus - Shelters, Stops & Stations
Mass Transit - 25
Mass Transit - Mass Transit Supplier Directory 2020: Company Listings
Mass Transit - 27
Mass Transit - 28
Mass Transit - 29
Mass Transit - 30
Mass Transit - 31
Mass Transit - 32
Mass Transit - 33
Mass Transit - 34
Mass Transit - 35
Mass Transit - 36
Mass Transit - 37
Mass Transit - 38
Mass Transit - 39
Mass Transit - 40
Mass Transit - 41
Mass Transit - 42
Mass Transit - 43
Mass Transit - 44
Mass Transit - 45
Mass Transit - Mass Transit Supplier Directory 2020: Product Category Listings
Mass Transit - 47
Mass Transit - 48
Mass Transit - 49
Mass Transit - Classifieds
Mass Transit - 51
Mass Transit - 52
https://www.nxtbook.com/endeavor/masstransit/march-april-2024
https://www.nxtbook.com/endeavor/masstransit/january-february-2024
https://www.nxtbook.com/endeavor/masstransit/november-december-2023
https://www.nxtbook.com/endeavor/masstransit/mass-transit-at-the-show-2023
https://www.nxtbook.com/endeavor/masstransit/september-october-2023
https://www.nxtbook.com/endeavor/masstransit/july-august-2023
https://www.nxtbook.com/endeavor/masstransit/may-june-2023
https://www.nxtbook.com/endeavor/masstransit/march-april-2023
https://www.nxtbook.com/endeavor/masstransit/february-2023
https://www.nxtbook.com/endeavor/masstransit/december-2022-january-2023
https://www.nxtbook.com/endeavor/masstransit/november-2022
https://www.nxtbook.com/endeavor/masstransit/september-october-2022
https://www.nxtbook.com/endeavor/masstransit/july-august-2022
https://www.nxtbook.com/endeavor/masstransit/june_2022
https://www.nxtbook.com/endeavor/masstransit/april-may_2022
https://www.nxtbook.com/endeavor/masstransit/march_2022
https://www.nxtbook.com/endeavor/masstransit/february_2022
https://www.nxtbook.com/endeavor/masstransit/at-the-show-2021
https://www.nxtbook.com/endeavor/masstransit/december-2021-january-2022
https://www.nxtbook.com/endeavor/masstransit/november-2021
https://www.nxtbook.com/endeavor/masstransit/september-october_2021
https://www.nxtbook.com/endeavor/masstransit/july-august_2021
https://www.nxtbook.com/endeavor/masstransit/mass_transit_june_2021
https://www.nxtbook.com/endeavor/masstransit/aprilmay2021
https://www.nxtbook.com/endeavor/masstransit/december2020january2021
https://www.nxtbook.com/endeavor/masstransit/november2020
https://www.nxtbook.com/endeavor/masstransit/septemberoctober2020
https://www.nxtbook.com/endeavor/masstransit/julyaugust2020
https://www.nxtbook.com/endeavor/masstransit/june2020
https://www.nxtbook.com/endeavor/masstransit/aprilmay2020
https://www.nxtbook.com/endeavor/masstransit/Mass_Transit_March_2020
https://www.nxtbook.com/endeavor/masstransit/february2020
https://www.nxtbook.com/endeavor/masstransit/december2019january2020
https://www.nxtbook.com/endeavor/masstransit/november2019
https://www.nxtbook.com/endeavor/masstransit/Mass_Transit_September_2019
https://www.nxtbook.com/endeavor/masstransit/julyaugust2019
https://www.nxtbook.com/endeavor/masstransit/2019railproductguide
https://www.nxtbook.com/endeavor/masstransit/june2019
https://www.nxtbook.com/endeavor/masstransit/2019busandparatransitproductguide
https://www.nxtbook.com/endeavor/masstransit/aprilmay2019
https://www.nxtbook.com/endeavor/masstransit/march2019
https://www.nxtbook.com/endeavor/masstransit/february2019
https://www.nxtbookmedia.com