Cybersecurity vulnerabilities in the U.S. rail system pose an increasingly significant threat, with the potential for devastating consequences if targeted by hackers. While Americans are generally aware of the risks posed to power, water, and healthcare infrastructure, the dangers lurking in the nation’s rail network are often overlooked, even though a major disruption could lead to widespread chaos.
Railroads are crucial to the economy, and their physical and digital systems make them an attractive target for cyberattacks. According to Tom VanNorman, senior vice president at the industrial cybersecurity firm GRIMM, “We can’t live without rail.” Yet, until 2022, there were no federal regulations requiring rail operators to secure their systems against cyber threats. It wasn’t until the Transportation Security Administration (TSA) issued its first cybersecurity mandates that the rail industry began moving to protect its networks.
The shift toward digital systems in rail operations has made trains easier to monitor and control but has also exposed the industry to cyber risks. The possibility of a hacker sabotaging or derailing trains, disrupting signaling systems, or halting freight operations is now a real concern. Rail systems are vast and often rely on outdated equipment that cannot be easily upgraded, adding to the complexity of securing the network.
Robert Huber, chief security officer at Tenable, warns that these conditions create a “ripe opportunity” for cyberattacks, which could have severe consequences. Hackers could derail trains, cause mass casualties, disrupt supply chains, or even release hazardous chemicals in the event of a crash. The recent toxic chemical spill in East Palestine, Ohio, serves as a chilling reminder of how such disruptions could unfold.
Cyberattacks on railroads would be especially dangerous in times of war, as the U.S. military relies on trains to transport troops, supplies, and equipment. The ongoing war in Ukraine has underscored the strategic importance of railroads, with both sides targeting each other’s infrastructure. U.S. officials are particularly concerned about China’s intent to disrupt American rail systems in the event of a conflict over Taiwan.
Despite these risks, experts suggest that the rail industry has lagged behind other sectors in its response to digital threats. While the TSA has introduced new cybersecurity directives, some in the rail industry have resisted the changes. The six major U.S. freight rail operators — BNSF, Canadian National Railway, CPKC, CSX, Norfolk Southern, and Union Pacific — have declined to comment publicly but have privately expressed concerns about the cost and complexity of implementing the new regulations.
The TSA’s regulations, first issued in 2022, require rail operators to take several basic steps, including designating cybersecurity leads, reporting incidents, and conducting vulnerability assessments. However, the rail industry’s resistance to the directives has slowed progress, as the required upgrades are expensive and technically challenging.
Some public transit systems, such as the Massachusetts Bay Transportation Authority (MBTA), have praised the TSA’s approach for being risk-based and adaptable. But the railroads have expressed frustration, especially over the TSA’s decision to classify Positive Train Control (PTC) technology as a “critical cyber system.” The TSA argues that PTC is essential for safe operations and must be protected against hacking.
Moving forward, the TSA plans to build on its partnership with the rail industry, with a goal of creating long-term cybersecurity programs. But as cyber threats continue to evolve and foreign adversaries seek ways to paralyze the U.S. during a crisis, the stakes could not be higher. As Grant Geyer, chief strategy officer at Claroty, said, “The risk is there, it’s real, and while it may not be realized today, if that risk is realized, it has extreme consequence.”

