NextGov: TSA Memo Falsely Claimed Hackers Disrupted US Railway Signals

Old Jan 24, 2012, 8:36 am
  #1  
FlyerTalk Evangelist
Original Poster
 
Join Date: Oct 2009
Location: ATL Lost Luggage
Programs: Kettle with Kryptonium Medallion Tags
Posts: 10,268
NextGov: TSA Memo Falsely Claimed Hackers Disrupted US Railway Signals

NextGov, a publication for federal managers and contractors, has published an article by Aliya Sternstein in which the TSA claims that hackers have manipulated a US railroad's computers.

Here's the link:
NextGov:
Hackers manipulated railway computers, TSA memo says

01/23/2012


The article opens with this scary sentence:
Hackers, possibly from abroad, executed an attack on a Northwest rail company's computers that disrupted railway signals for two days in December, according to a government memo recapping outreach with the transportation sector during the emergency.
That opening sentence is contradicted by the very next paragraph:
On Dec. 1, train service on the unnamed railroad "was slowed for a short while" and rail schedules were delayed about 15 minutes after the interference, stated a Transportation Security Administration summary of a Dec. 20 meeting about the episode obtained by Nextgov. The following day, shortly before rush hour, a "second event occurred" that did not affect schedules, TSA officials added.
"Disrupted Railway Signals for Two Days" is very different than delaying rail schedules "for about 15 minutes".

Here is what I am able to make out of the article:
  • On December 1 and 2, a "northwest railroad" experienced some computer problems. Those problems may or may not have been caused by hackers.
  • On December 5, TSA sent out an alert to "several hundred railroad firms and public transportation agencies, as well as to partners in Canada." The alert listed three IP addresses.
  • On December 20, TSA discussed the Dec 1 and 2 incident in a meeting that "included representatives from information technology firm Indus Corp., the Association of American Railroads, and Boeing Co., as well as government officials from TSA, the Homeland Security Department's cybersecurity divisions, the Transportation Department, and the U.S. Coast Guard."
  • On January 23, DHS appears to have refuted TSA's earlier findings. From the article: "On Monday, officials at the Homeland Security Department, which oversees TSA, said following additional in-depth analysis, it appears that the rail infiltration may not have been a targeted attack."

Author Aliya Sternstein deserves accolades for quoting this wonderful line of bullplop from the TSA memo:

"The processes set in place for government to work with the industry in real-time communications regarding a cyber event aligned superbly."
RatherBeOnATrain is offline  
Old Jan 24, 2012, 9:05 am
  #2  
 
Join Date: Jul 2001
Location: DTW
Programs: Dirt Status w/ All
Posts: 5,040
It is obvious the TSA needs at least $2 Billion to reduce the lead time from bogus claim to proof of lie to only two weeks. An extra billion or so should be spent on VIPR teams in the northwest, out of an abundance of caution of course.
tev9999 is offline  
Old Jan 24, 2012, 10:57 am
  #3  
Ari
FlyerTalk Evangelist
 
Join Date: Aug 2005
Location: Chicago
Posts: 11,513
Only 15 minutes late is quite early for Amtrak.
Ari is offline  
Old Jan 24, 2012, 1:59 pm
  #4  
 
Join Date: Apr 2003
Location: Seattle, Wash. USA
Posts: 1,531
Rings a bell. These fuzznuts http://portland.indymedia.org/en/2011/12/412724.shtml posted something about rail sabotage in Washington at around that time. I know zip about railroad signals, so have no idea if draping a wire across the tracks would have the effect they claim.
chucko is offline  
Old Jan 25, 2012, 6:53 am
  #5  
 
Join Date: Nov 2010
Posts: 627
Originally Posted by chucko
Rings a bell. These fuzznuts http://portland.indymedia.org/en/2011/12/412724.shtml posted something about rail sabotage in Washington at around that time. I know zip about railroad signals, so have no idea if draping a wire across the tracks would have the effect they claim.
http://en.wikipedia.org/wiki/Track_c..._basic_circuit

I'm not a railroad expert, but here's what I do know: a train's axle places an electrical short between the two rails, which the signaling system sees as "there's a train on this block", which triggers things like red lights and level crossings.

If you put a copper wire between the rails, it could make the signaling system think there's a train there. Crossing gates go down for no reason, and conductors see a red signal and stop to avoid plowing into the nonexistent train. Delays until they find the copper wire? Yes. Safety problem? No.

Locomotives don't have TAT probes to break while climbing, but surely the TSA clerks could find a way to damage something.
mahohmei is offline  
Old Jan 25, 2012, 12:38 pm
  #6  
FlyerTalk Evangelist
 
Join Date: Oct 2006
Location: Marriott or Hilton hot tub with a big drink <glub> Beverage: To-Go Bag™ DYKWIA: SSSS /rolleyes ☈ Date Night: Costco
Programs: Sea Shell Lounge Platinum, TSA Pre✓ Refusnik Diamond, PWP Gold, FT subset of the subset
Posts: 12,509
Originally Posted by chucko
These fuzznuts http://portland.indymedia.org/en/2011/12/412724.shtml posted something about rail sabotage in Washington at around that time.
I tried that once as a kid to see if I could get the signal to come down. Who knew I was really in cahoots with the Ecumenical Liberation Army.

Originally Posted by mahohmei
Locomotives don't have TAT probes to break while climbing, but surely the TSA clerks could find a way to damage something.
If a TSA "saftey" inspector tried hard enough, they could probably break a FRED.
N965VJ is offline  
Old Jan 25, 2012, 1:41 pm
  #7  
 
Join Date: Apr 2003
Location: Seattle, Wash. USA
Posts: 1,531
Originally Posted by N965VJ
I tried that once as a kid to see if I could get the signal to come down. Who knew I was really in cahoots with the Ecumenical Liberation Army.
I thought it was the Ecumenical People's Front (not to be confused with the Ecumenical Popular People's Front nor the Ecumenical Popular Front).
chucko is offline  
Old Jan 25, 2012, 2:11 pm
  #8  
 
Join Date: Jul 2003
Location: Salish Sea
Programs: DL,AC,HH,PC
Posts: 8,974
Originally Posted by chucko
I thought it was the Ecumenical People's Front (not to be confused with the Ecumenical Popular People's Front nor the Ecumenical Popular Front).
Splitter !
Wally Bird is offline  
Old Jan 25, 2012, 3:53 pm
  #9  
FlyerTalk Evangelist
 
Join Date: Sep 2002
Location: Between AUS, EWR, and YTO In a little twisty maze of airline seats, all alike.. but I wanna go home with the armadillo
Programs: CO, NW, & UA forum moderator emeritus
Posts: 35,373
Originally Posted by Wally Bird
Splitter !
Yea -- the Ecumenical Popular People's Front? He's over there!
Xyzzy is offline  
Old Jan 26, 2012, 2:34 pm
  #10  
FlyerTalk Evangelist
Original Poster
 
Join Date: Oct 2009
Location: ATL Lost Luggage
Programs: Kettle with Kryptonium Medallion Tags
Posts: 10,268
Association of American Railroads says TSA's Memo was Inaccurate

Wired:
Railroad Association Says Hack Memo Was Inaccurate

January 26, 2012


A short quote:
“There was no targeted computer-based attack on a railroad,” according to [Association of American Railroads] spokesman Holly Arthur. “The memo on which the story was based has numerous inaccuracies.”
RatherBeOnATrain is offline  
Old Jan 26, 2012, 3:20 pm
  #11  
 
Join Date: Aug 2010
Location: LGA - JFK
Programs: UA, AA, DL, B6, CX, KE, Latitude, VIFP, Crown & Anchor, etc.
Posts: 2,589
TSA management must be pipe dreaming about a cyber-VIPR division in their endless quest for theatrics.

There are daily DOS taking place globally, both targeted and unspecific, aiming at any and all computer network IP's - and, delays of 15 minutes is all that was accomplished. OMG, - hey, call a LEO ...

WOW, wow, wow - shock & awe ! (I'm speechless ... LMAO)
Letitride3c is offline  
Old Jan 28, 2012, 10:34 pm
  #12  
FlyerTalk Evangelist
Original Poster
 
Join Date: Oct 2009
Location: ATL Lost Luggage
Programs: Kettle with Kryptonium Medallion Tags
Posts: 10,268
Nextgov: A Rail Attack, or a Communications Problem?

Nextgov has another article, following up on their earlier reporting. Here's the link:

NextGov:
A Rail Attack, or a Communications Problem?

By Aliya Sternstein
01/26/12 10:13 pm ET


In the new article, the author poses six damning questions, including this one:
If there wasn't a railway cyber strike, why wasn't a subsequent corrected [TSA] memo issued?
RatherBeOnATrain is offline  
