New National Cybersecurity Guidelines Put in Place for Rail Transportation

December 13, 2021 Pete Cavicchia

During an era when federal pushes to increase infrastructure spending and heightened concerns over security risks across all sectors dominate headlines, recent news that the United States government is imposing cybersecurity regulations for rail transit made waves.

CBS News recently reported on the announcement that the federal government just imposed cybersecurity mandates for “higher risk” rail transit and railroad systems.

The Department of Homeland Security and Transportation Security Administration stated that freight trains and passenger transit rail systems will have to now report all cybersecurity incidents to the federal government within a 24-hour timeframe, put in place a 24/7 cybersecurity liaison with federal agencies, institute incident response plans, and conduct vulnerability assessments to address gaps in their cybersecurity protocols.

"These new cybersecurity requirements and recommendations will help keep the traveling public safe and protect our critical infrastructure from evolving threats," DHS Secretary Alejandro Mayorkas said in a statement that was published by CBS News.

Officials in the freight and passenger rail transit industries have pushed back at the idea of more federal regulations.

"Mandating a prescriptive 24-hour reporting requirement in a security directive could negatively affect cyber response and mitigation by diverting personnel and resources to reporting when incident response is most critical,” President and CEO of the American Public Transportation Association (APTA), wrote in a recent letter to U.S. lawmakers. "Additional personnel and resources needed to comply with the requirements will add significant compliance costs just as transit agencies are working to recover from the COVID-19 pandemic.”

Fears over continued cyberattacks on transportation systems is a very pressing concern for federal regulators and transit officials alike. In this year, alone, the nation has seen hacks result in supply chain shortages and fuel shortages — it does not seem out of the realm of possibility that our trains and passenger rail systems could be at elevated risk in the near future.

CBS’s report highlights a ransomware attack that affected the Southeastern Pennsylvania Transportation Authority in 2020. That service is behind Philadelphia’s rail transit system. In August 2020, the Philly Voice covered the attack, writing that hackers were able to temporarily achieve unauthorized access to the transit authority’s servers.

Cases like this are reminders that our transportation systems are particularly vulnerable, especially during high-travel periods like the holiday season and beyond.

As we have a continual national reckoning over how to keep our systems — from healthcare to banking — safe and secure, a focus will continue to be directed on our passenger and commercial trains.

How to Scare Away Security Threats this Halloween Season

October 29, 2021 Pete Cavicchia

It’s the end of October, and we’re now in the midst of Halloween season. During a busy time that includes taking the kids out trick-or-treating, attending costume parties, or watching seasonally appropriate scary movies, it can be easy to lose track over concerns about security — both physical and cyber.

Some scary cybersecurity statistics

The conclusion of Halloween brings the end of Cybersecurity Awareness Month, but that doesn’t mean your vigilance about potential cybersecurity threats should stop. Instead, it should carry through all year, every year.

For Halloween, Pax8 Blog published an overview of cybersecurity threats that go bump in the night. Here’s a look at som e o f the statistics t hey scared up:

Hacks have a long lifecycle — IBM’s Cost of a Data B reach Report found it took an average of 212 days to detect a cyber breach as well as 75 days to contain it. They found that the total lifecycle of a hack is 287 days. To illustrate this point further, they explain that if a company had been breached by hackers on January 1, 2021, it would take until October 15 to be contained.
An escalation of ransomware attacks — They also point to the scary statistic that ransomware attacks increased by 185 percent in the United States for the first six months of 2021. In the United Kingdom it was 144 percent, according to dat a from SonicWall.
A lot of data failed to be restored — Even bleaker, Sophos found that just 65 perc ent of data was restored after a company paid ransom to cybercriminals following a ransomware attack.
Remote workers are ill-equipped for hackers’ attacks — In its State of the Phish Report, Proofpoint found 70 percent of organizations fail to institute best cybersecurity practices in remote worker trainings. This is a particularly big oversight given the rush to embrace remote work during the COVID-19 pandemic.

What all of these disturbing, worrying statistics do is offer a reminder that it’s crucial to practice proper cybersecurity hygiene. Keep passwords private and safe, utilize multi-factor authentication, and do not transmit private and sensitive data over public Wi-Fi or shared computer connections. Similarly, be wary of social media scams— and not just during Halloween. Never give your private information to a third party.

Trick-or-treat season is a time to be vigilant about physical safety and security, too

This time of year, reminders about safety extend beyond the cyber world.

If you and your family are out and about trick-or-treating on October 31, be vigilant about physical safety, too. UPMC Children’s Hospital of Pittsburgh offers some Halloween-specific safety instructions for your children. This includes making sure all children have adult supervision when they are out for Halloween, avoid sharp objects and costume accessories, visit familiar neighborhoods to collect candy, and wash all fruit and inspect exactly what kind of food items are being placed in your kids’ trick-or-treat bags.

This year also poses unique safety concerns due to COVID-19. Healthychildren.org outlines recommendations for safely enjoying the spooky holiday during the pandemic. Chief among them — focus on outdoor activities. While we are in a better place with COVID-19 than we were a year ago, congregating in large groups of strangers still poses risks. If you are concerned about COVID-19 transmission — either for yourself, your children, or your family at large — consider outdoor activities and bring a protective face mask if you are planning on going inside. Also, make sure you bring some hand sanitizer along the way.

While Halloween can be a fun time of year, make sure you celebrate safely. Always keep both your physical and digital safety at the front of your mind.

This is the Sky-High Ransomware Payment Total for 2021 So Far

October 27, 2021 Pete Cavicchia

A lot has been written about the high rates of cybercrime and ransomware attacks over the past year. The uncertainties of an era marked by the COVID-19 pandemic, along with a move to the work-from-home lifestyle that put a lot of people’s sensitive data at risk is represented quite starkly by a new report on ransomware payments for the first half of 2021.

A recent report from the United States Department of the Treasury reveals that ransomware payments scaled to almost $600 million over the course of the first six months of 2021.

By comparison, the ransomware payments made for all of 2020 totaled $416 million. For concrete examples of how high impact these attacks can be, just think back to what happened during the Colonial Pipeline and meat processor JBS USA Holdings incidents this year. Both were forced to pay millions, with real world consequences. After both hacks, meat supplies were affected and the nation’s gas prices went up, CNET reports.

“The Treasury says the rise potentially reflects both a big increase in ransomware-related attacks, as well as improved detection and reporting of those attacks by financial institutions,” writes CNET’s Bree Fowler. “It notes that the number of ransomware-related suspicious activity reports also rose 30 percent to 635, when compared to the entire calendar year of 2020.”

A bleak reality stands — the Treasury Department estimates the total ransomware payments for the entire calendar year will extend beyond those of the past 10 years combined.

This warning underscores what everyone can do to be vigilant about these attacks. You don’t have to be the CEO of a tech firm to feel the pressure of how crucial it is to secure your data.

If you receive a strange email or text message from a source you don’t recognize, never share personal financial information or transfer funds. If a suspicious email or text contains a link, do not click on it.

These commonsense practices that mark effective cybersecurity hygiene are important for all of us to keep in mind, especially as current work-from-home policies further blur the lines of distinction between personal and professional. In short, transmitting sensitive data over a shared family computer can bear with it serious cybersecurity headaches.

Make sure you always update software on all of your devices, institute multi-factor authentication, and educate others in your household or at your office about proper protocols for keeping sensitive data protected from hackers.

What Is Ransomware and How to Protect Yourself From It?

June 5, 2020 Pete Cavicchia

In late May, Microsoft issued an advisory warning for companies and organizations worldwide — protect against a strain of ransomware called PonyFinal. It’s been out there for about two months now, ZDNet reports.

First of all, what is ransomware? It’s malware created to deny access to a computer system or data until a person or company pays a ransom for it. Usually, your system will be infected by way of a phishing email or by visiting a compromised website, according to the United States Department of Homeland Security.

The DHS says this can inflict a devastating blow to a person or their company. Usually, people who have particularly sensitive data stored — such as people in government agencies, healthcare or the financial sector — are the main targets. It can be hard to get this data back, requiring the help of a data recovery
service and the payment of that ransom, which could amount to a hefty sum.

PonyFinal was slightly different from the typical ransomware — it’s what’s known as “human-operated ransomware,” which means hackers directly infiltrate the networks and place the malicious software themselves rather than resort to phishing emails, for instance, according to ZDNet.

If you are a business owner or oversee an agency that’s responsible for sensitive data, you should train those who work for you on best practices to deal with this kind of cybercrime. The DHS suggests that you take these
essential protocols:

Update software: Make sure your devices and computer systems are up-to-date with the latest patches to protect from hacks and viruses.
Screen your emails: Don’t open links or attachments from unsolicited emails in your Inbox.
Back it up: Backup your data on a regular basis. Keep it on a separate drive and store it offline, not the cloud.
Restrict access: Restrict user permissions to install and run software on any of your systems.
Put on the spam filters: Use strong spam filters for your emails to block phishing emails.
Scan your emails: Please scan all of your incoming and outgoing emails in order to pinpoint threats.
Firewalls: Put firewalls in place to block access to malicious IP addresses.

For their full list of recommendations, go here.