Evaluating Cyber Attacks in Rail Transit

Manoj K. Jha (Morgan State University, USA) and Ronald A. Keele (Morgan State University, USA)
Copyright: © 2014 | Pages: 9
DOI: 10.4018/978-1-4666-5202-6.ch081

Chapter Preview



Businesses have reported increasing numbers of cyber attacks that have placed sensitive information at risk, with potentially serious impacts on operations, assets, and personnel. Over the past six years, the number of reported incidents has increased from 5,503 incidents in fiscal year 2006 to 42,887 incidents in fiscal year 2011, an increase of almost 680% (Dempsey, 2013). These businesses reported the types of cyber attacks as indicated in Figure 1. The two most prevalent types of attacks reported were the unconfirmed incidents under investigation and malicious code (GAO, 2012).

Figure 1. Types of cyber attacks reported (GAO, 2012)

The above threats are real enough that the National Defense Research Institute (NDRI) cited a rail-related cyber attack in a report prepared for the U.S. Secretary of Defense. As part of a complex threat scenario, NDRI included “an Amtrak Acela Express Train traveling at 150 mph slammed into an apparently misrouted freight train near Laurel, Maryland. The Maryland State Police estimated that the train wreck had killed over 60 passengers and crew and critically injured another 120 persons. Within three hours, the National Transportation Safety Board’s (NTSB) Chief Rail Investigator notified the Secretary of Transportation that there was ‘clear evidence’ that the freight train had been misrouted onto the Acela track with ‘some evidence’ pointing to a sophisticated intrusion into the East Coast Train Control System.

Key Terms in this Chapter

Software Fault Tree Analysis: A formal analysis used to evaluate faults of a software-driven system from a single/top event.

Vulnerability Assessment: A formal assessment of a system’s vulnerabilities and the development of corrective measures to prevent these occurrences.

Software Fault Hazard Analysis: A formal analysis of a software-driven system to identify the hazards and their overall effects.

Software System Hazard Analysis: A formal analysis of a software-driven system to identify the hazards due to hardware failures, software deficiencies and/or human action or inaction.

Black Hat Hacker: A hacker who violates computer security for personal gain (such as stealing credit card numbers or gathering personal data for sale to identity thieves) or for pure maliciousness (such as creating botnets to carry out attacks against Websites the hacker does not like).

Hacker: An individual or a group of individuals who persistently tries to gain access to software-driven systems through unauthorized means or methods.

System Hazard Analysis: A formal analysis of a system and the interrelations among its various parts to identify hazards.

Software Preliminary Hazard Analysis: A formal analysis used to identify and evaluate the hazards of a new or modified software-driven system.

Botnet: A number of Internet computers that have been set up (without the knowledge of the computer owners) to forward transmissions (including spam or viruses) to other computers on the Internet. Any such computer connected to this net is often referred to as a zombie - in effect, a computer “robot” or “bot” that serves the wishes of some master hacker.
