TSA will force train and plane operators to tell the feds when they've been hacked

미국 항공사와 철도는 사이버 침해 사고를 연방 정부에 보고해야 합니다., 바이든 행정부는 목요일, 관리들이 해킹 시도로 인한 위험 증가에 대해 경고함에 따라.

There have been several reported cyber attacks on the rail sector over the past year, such a breach of New York’s Metropolitan Transportation Authority’s computer systems, a ransomware attack on Toronto’s transit agency and a cyberattack on the Ann Arbor Area Transportation Authority that caused temporary disruptions to real-time bus information.
Since the crippling ransomware attack on Colonial Pipeline earlier this year, US authorities have scrambled to implement measures to help protect critical infrastructure in the US from cyber attacks.
    Under the new Transportation Security Administration mandates, major rail operators will be required to designate a cybersecurity coordinator, report cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency within 24 시간, complete a vulnerability assessment and develop a cybersecurity incident response plan.
      Airport and airline operators will also be required to designate a cybersecurity coordinator and report cybersecurity incidents within 24 시간.
        Cybersecurity incidents affecting transportation are a growing, evolving and persistent threat,” Victoria Newhouse, TSA’s deputy assistant administrator, told the House Transportation Committee on Thursday. “Across US critical infrastructure, cyber threat actors have demonstrated their willingness and ability to conduct malicious cyber activities targeting critical infrastructure by exploiting the vulnerability of operational technology and information technology systems.
        Following the ransomware attack on Colonial Pipeline earlier this year, TSA issued two security directives mandating cybersecurity requirements on the pipeline industry.
          Since the issuance of those security directives, pipeline operators have reported 591 cyber-related incidents, according to the Department of Homeland Security.
            Of those 591 사건, one was rated as having alowimpact, meaning it isunlikely to affect public health or safety, 국가 안보, economic security, foreign relations, civil liberties, or public confidence.
            The rest were ratednegligible” 또는 “미성년자” — designations that are considered baseline and present even less concern thanlow.

            댓글이 닫혀 있습니다..