In December 2020, the cybersecurity firm FireEye discovered the worst cyber-attack in our nation’s history. While the full ramifications of this attack remain to be seen, the investigation revealed that more than 18,000 organizations may have been breached, including the Department of Defense and computer systems used by state and local governments, and critical infrastructure services such as the San Francisco International Airport. The new Mineta Transportation Institute (MTI) perspective Implications of the Sunburst Cybersecurity Attack addresses the damage caused by this attack and what public and private organizations, including transit agencies, can do to mitigate future attacks.
Although the specific effects of the Sunburst attack on transit agencies is not yet understood, transit agencies have recently been confirmed targets of several other cyber-attacks. One such attack on the Southeastern Pennsylvania Transportation Authority in August of 2020 took down its real-time bus and rail information for two full weeks. Another recent, severe attack occurred in 2017 against Sacramento Regional Transit (SaRT) in which SaRT suffered a ransomware attack that crippled its website and destroyed data. Researchers have also previously proven hackers could take over the brakes and controls of vehicles. These instances hint at the potential damage of the Sunburst attack and others.
Moreover, an October 2020 MTI study, Is the Transit Industry Prepared for the Cyber Revolution? Policy Recommendation to Enhance Surface Transit Cyber Preparedness found most public transit agencies acutely unprepared when facing cybersecurity threats and found that only 60% of agencies had any cybersecurity program in place even though 80% reported they were prepared.
“Cybersecurity is a growing concern for public transit managers, as control and management systems become increasingly dependent on information technology. These systems are vulnerable to increasingly sophisticated direct and indirect cyberattacks. Given these increasing risks, the transit industry and its technology managers must take proper steps to ensure the security of their cyber systems,” says Vice Chair of the APTA Board of Directors Jeff Nelson.
Agencies must prioritize cybersecurity by:
Cyber-attacks are ultimately inevitable. Fortunately, agencies can take action to help protect themselves from attacks and to prepare for any breaches that do occur, thus ensuring the critical transportation systems of our nation continue running smoothly and safely.
ABOUT THE MINETA TRANSPORTATION INSTITUTE
At the Mineta Transportation Institute (MTI) at San Jose State University (SJSU) our mission is to increase mobility for all by improving the safety, efficiency, accessibility, and convenience of our nations’ transportation system. Through research, education, workforce development and technology transfer, we help create a connected world. MTI was founded in 1991 and is funded through the US Departments of Transportation and Homeland Security, the California Department of Transportation, and public and private grants. MTI is affiliated with SJSU’s Lucas College and Graduate School of Business.
ABOUT THE AUTHORS
Scott Belcher, JD, MPP, is an MTI Research Associates, and the CEO of SFB Consulting, LLC. Prior to founding SFB Consulting, LLC he served for two years as the CEO of the Telecommunications Industry Association and for seven years as the CEO of the Intelligent Transportation Society of America.
Brandon Thomas, MBA is an MTI Research Associate, a Partner at Grayline Group, a firm focused on helping organizations understand and manage for disruption, as well as a Managing Partner of Blockview Partners, a firm focused on understanding the emerging blockchain and cryptocurrency space. He is co-author of “Chain Reaction: How Blockchain Will Transform the Developing World,” to be published by Palgrave Macmillan in spring 2021.
MTI Communications and Operations Manager