cyber concerns for transportation organizations – an overview
DESCRIPTION
Cyber Concerns for Transportation Organizations – an Overview. FHWA Resource Center in San Francisco Office of Technical Service - Operations Technical Service Team Edward Fok. Transportation Management System. Transportation Management System. Safe assignment of right of ways - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/1.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Cyber Concerns for Transportation Organizations – an OverviewFHWA Resource Center in San FranciscoOffice of Technical Service - Operations Technical Service TeamEdward Fok
![Page 2: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/2.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Transportation Management System
![Page 3: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/3.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Transportation Management System
Safe assignment of right of waysMaintain movement along major transportation facilities
Provide reliable and relevant information
![Page 4: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/4.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Advanced Traveler Information Systems (ATIS)
Share risk similar to commercial web
Best practices exist for hardening – just need to follow it
![Page 5: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/5.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
myBART.org, August 14, 2011
Sources: networkwold.com, sfgate.com, sfappeal.com, twitter.com, BART.gov
![Page 6: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/6.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
myBART.org, August 14, 2011
Sources: networkwold.com, sfgate.com, sfappeal.com, twitter.com, BART.gov
![Page 7: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/7.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
myBART.org, August 14, 2011
Sources: networkwold.com, sfgate.com, sfappeal.com, twitter.com, BART.gov
![Page 8: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/8.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Field Devices
Ramp/Gate/Signal ControllersFixed Dynamic Message SignsPortable Dynamic Message SignsEnforcement SystemsPayment Systems
![Page 9: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/9.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Field Devices – Equipment Manuals
Ramp/Gate/Signal ControllersFixed Dynamic Message SignsPortable Dynamic Message SignsEnforcement SystemsPayment Systems
![Page 10: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/10.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Field Devices – Equipment Manuals
Ramp/Gate/Signal ControllersFixed Dynamic Message SignsPortable Dynamic Message SignsEnforcement SystemsPayment Systems
![Page 11: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/11.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Lodz, Poland, January 2008
4 light rail trams derailed, 12 people hurtTool used: Converted television IR remote
![Page 12: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/12.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Lodz, Poland, January 2008
4 light rail trams derailed, 12 people hurtTool used: Converted television IR remoteExploit: Locks to disable track changes when vehicle are
present was not installed.
![Page 13: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/13.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Bored with DMS? – RFID Transit Card
![Page 14: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/14.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Bored with DMS? – Electronic Parking Meter
![Page 15: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/15.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Center to Field (C2F) Network
Monitor field equipment health and statusCommand and Control of field equipmentTransmission of sensor/video information and images
![Page 16: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/16.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
C2F Network - Threats
• Physical Destruction• Signal Intercept/Jamming• Wire and Server Tapping
Copper Statistic Source - Wikipedia
![Page 17: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/17.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
C2F Network - Threats
• Physical Destruction• Signal Intercept/Jamming• Wire and Server Tapping
Copper Statistic Source - Wikipedia
![Page 18: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/18.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
C2F - Wireless System Vulnerabilities
Threat Defendable?Offensive Measures
Damage Potential
Eavesdropping Low No No LowCommunication Jamming Moderate No Yes HighDenial of Service Attacks High Yes Some HighInjection and Modification of Data High Yes Yes LowMan-In-The-Middle Attacks High Yes Yes ModerateRogue Client High Yes Yes LowRogue Access Points High Yes Yes ModerateClient to Client Attacks Moderate Yes Yes HighNetw ork Equipment Attacks Moderate Yes Yes HighThreat = Probability of threat occurring to a transportation networkDefendable = Does solution exist to defend against this type of vulnerability?Offensive Measures = Can offensive measure be taken against the attacker?Damage Potential = Potential impact to vulnerable segment of the Transportation Network
![Page 19: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/19.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
C2F – Cellular Base Station Cloning
DEFCON 2010 - Fake GSM Base Station assembled using open source software and $1500 of hardware.
![Page 20: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/20.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
C2F – Cellular Base Station Cloning
DEFCON 2010 - Fake GSM Base Station assembled using open source software and $1500 of hardware.
DEFCON 2011 – GSM, CDMA, 1xRTT, WiMAX all cloned….
Source: http://seclists.org/fulldisclosure/2011/Aug/76
![Page 21: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/21.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
C2F Network - Summary
Open Ethernet portsWiretappingSo you think Fiber is better?
Passive SplitterEvanescent couplerPhase conjugation
![Page 22: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/22.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
C2F Network - Summary
Deny Access to physical plantMonitor network behavior
Traffic AnalysisData routingCommunication interruptionTime-domain Reflectometer
How Paranoid are you?Encrypted trafficDeep packet inspection
Open Ethernet portsWiretappingSo you think Fiber is better?
Passive SplitterEvanescent couplerPhase conjugation
![Page 23: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/23.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Back Office – The Management Center
![Page 24: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/24.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Back Office – The Management Center
![Page 25: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/25.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Back Office – Attack Vector
Malicious Programs on the Internet – Browser attack
60% successfully blocked54% comes from US, Russian Federation, China
Network Attack increased by 596% from 2009
Statistic Source - Kaspersky Security Bulletin 2010 Statistics 2010
![Page 26: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/26.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Davis-Besse Nuclear Plant, Ohio: January 25, 2003
16:00 – network slow down noticed16:50 – Safety Parameter Display System (SPDS) crashes17:13 – Plant Process Computer crashes, this has analog backup.
Source – securityfocus
![Page 27: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/27.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Davis-Besse Nuclear Plant, Ohio: January 25, 2003
16:00 – network slow down noticed16:50 – Safety Parameter Display System (SPDS) crashes17:13 – Plant Process Computer crashes, this has analog backup.
Cause: Dedicated line connecting the reactor to a contractor’s network. A machine on that network was infected.
Source – securityfocus
![Page 28: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/28.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Back Office
Image from 2003 Paramount Picture Film: “The Italian Job”
![Page 29: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/29.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Back Office – Summary
• Lose remote control of field devices• Lose ability to communicate/exchange data• Remote control by unauthorized parties• Vulnerable to Blackmail
Image from 2003 Paramount Picture Film: “The Italian Job”
![Page 30: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/30.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
BackOffice – Hardening by Design
![Page 31: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/31.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
BackOffice – Hardening by Design
![Page 32: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/32.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
BackOffice – Hardening by Design
![Page 33: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/33.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
BackOffice – Hardening by Design
![Page 34: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/34.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
BackOffice – Hardening by Design
![Page 35: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/35.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
BackOffice – Hardening by Design
![Page 36: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/36.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
BackOffice – Hardening by Design
![Page 37: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/37.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
BackOffice – Hardening by DesignIntrusion
Prevention System
![Page 38: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/38.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
BackOffice – Hardening by DesignIntrusion
Prevention System
Honey Pot
![Page 39: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/39.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Emerging Challenges – Stuxnet & Duqu
Stuxnet is Cyber warfare munitionsTargeted against embedded/industrial devicesDuqu – spawn of Stuxnet
Source: Wired, The Register, eWeek, Symantec, Kaspersky Lab
![Page 40: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/40.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Emerging Challenges – Stuxnet & Duqu
Stuxnet is Cyber warfare munitionsTargeted against embedded/industrial devicesDuqu – spawn of Stuxnet
Vulnerability to Transportation~307,000 traffic signal controllers today~98,000 uses some kind of operating systemUnknown numbers are networked together and to the web
Source: Wired, The Register, eWeek, Symantec, Kaspersky Lab
![Page 41: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/41.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Emerging Challenges – Transit
![Page 42: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/42.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Emerging Challenges – Transit
These vulnerabilities were discussed at DEFCON. No actual incidents have been confirmed to date.
![Page 43: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/43.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Emerging Challenges – Transit
Source: DEFCON 18
![Page 44: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/44.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Future Challenges – Connected Vehicle
DSRC - 5.9GHz Dedicated Short Range CommunicationRSE – Road Side EquipmentOBE – On Board Equipment, may connect to CANBUS/OBDASD – Aftermarket Safety Devices
Source - Experimental Security Analysis of a Modern Automobile. 2010 IEEE Symposium on Security and Privacy
![Page 45: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/45.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Recap
• Technical challenge and obscurity can no longer be considered a deterrent
• Anything with an operating system should be Hardened• Keep all back up current• The network is as vulnerable as the weakest link…and that
includes the all of us the system users/vendors/operator/owners.
![Page 46: Cyber Concerns for Transportation Organizations – an Overview](https://reader035.vdocuments.us/reader035/viewer/2022062410/56815f78550346895dce8072/html5/thumbnails/46.jpg)
Version Control : released 2011 December 7U.S. Department of TransportationFederal Highway Administration
Information Resources• Federal Desktop Core Configuration
• http://fdcc.nist.gov• Computer Emergency Response Team
(CERT)• Very good source on Insider Threat and
Prevention• Microsoft Technet
• Windows Vista Security Guide• Windows XP Security Guide• http://technet.microsoft.com
• ISO/IEC 27000• Book: “Standard of Good Practice” –
Information Security Forum
Computer Security references:• National Institute of Standards and
Technology– http://csrc.nist.gov/index.html
• SANS Institute– http://www.sans.org
• National Vulnerability Database– http://nvd.nist.gov
Antivirus Reviews• http://av-comparatives.org/
Warning Centers• Computer Emergency Response
Team (CERT)– http://www.cert.org/
• Internet Storm Center– http://isc.sans.org/