Hackers hit the Colorado Department of Transportation earlier this year with a ransomware attack that shut down 2,000 computers. It was an unfortunate situation, but CDOT was actually fortunate: The hackers left the state’s traffic signals, cameras and electronic message boards alone.
But government entities can’t rely on luck forever. Transportation systems — especially roadways and railways — are extremely vulnerable to security incidents because so many of these systems are connected to computer networks.
Public infrastructure security concerns have popped up alongside the rise of internet-of-things (IoT) devices, the surge in ransomware, the growth of online financial services and the network connectivity of many public services. In 2016, for instance, the SEC called hackers the biggest threat to the financial system. And in 2017, several ransomware attacks targeted fundamental services such as healthcare systems, putting lives at risk in the process.
Lately, another public service has been the focus of high alarm, as transportation systems in a number of cities have experienced threats from cyber attackers.
The most recent target was the aforementioned CDOT. After attackers caused a disruption requiring the state to shut down 2,000 computers, several systems remained offline for several weeks. Cybersecurity experts cautioned that similar situations could turn out even worse because transit system devices (road-signals, traffic lights, camera systems, etc.) are connected to networks. Even public transit systems, such as trains and buses, could be affected without the proper protections and mitigation efforts.
Colorado is far from the only example of such incidents. San Francisco’s Municipal Transit Authority and Sacramento’s transportation system have made similar headlines in recent months. In response, transit agency directors have begun thinking more critically about their approach to protecting core systems.
Departments of transportation and other agencies need to consider a number of fundamental cybersecurity measures to get their defenses up to speed. But one that is absolutely necessary is a secure network design, with advanced and prioritized protections for critical infrastructure.
While such a task may seem daunting for government departments with limited cyber expertise, it can be accomplished effectively with the help of an outside agency. Lunarline has plenty of experience assisting government agencies with systems hardening and other security features, and we are happy to put our experience to work for you.
Find out more about what we can do for you. Contact us online today!