TSA seeks help from industry to prevent cyberterrorism

By Susan Moeser

ASHBURN, Va. – Six Transportation Security Administration (TSA) personnel oversee safety for the nation’s 4.1 million miles of highways, 612,000 bridges and 473 road tunnels – a big job when you consider the modern-day threat of cyberterrorism.

Jimmy Beasley, a highway security specialist at TSA, said the transportation sector and commercial vehicles in general continue to be an attractive target for terrorism. And because commercial carriers spend more time connected to the Internet, cyber threats need to be addressed.

Beasley said commercial carriers have a high level of electronic homogeneity that enable an adversary to develop viable exploits that could attack large vehicles simultaneously.

He said software used in day-to-day operations of fleets, such as fleet management systems, can be remotely hacked to expose diagnostics, maintenance tracking, driver behavior and trip information.

Anything with direct vehicle access can reconfigure an engine. This can occur through foreign devices mounted to accessible parts of the vehicle that allow a hacker to have onboard access.

And TSA, which is on the front lines of preventing the transportation sector from cyberterrorism, is seeking assistance from transportation professionals.

“We are accountable to Congress for what steps we are taking for highway safety,” Beasley told participants in last month’s UMA Safety Management Seminar. “The communication goes both ways, and we need help from professionals.”

Information and intelligence sharing between transportation professionals and the TSA is at the center of the agency’s plan for surface transportation security.

Beasley said developing an internal program to address cybersecurity with high-level organizational support is the way to minimize heavy vehicle cybersecurity risks.

He said the National Institute of Standards and Technology Cybersecurity Framework and Center for Internet Security are both good starting points in their controls for effective cyber defense.

It is also important to protect company networks, especially those directly involved with vehicle operations. An easily targeted access point is office networks and the computers used to communicate with the vehicles. Attacks can include malicious websites and email attachments and access by a rouge contractor or disgruntled employee.

“Only expose information to an internal network if you have to,” Beasley said. “Ask what can be done on a stand-alone computer.”

Protecting vehicles through vendor communication and maintenance, avoiding vulnerabilities from third-party add-ons/customizations, disabling features that are not critical to vehicle usage, and updating pre-trip inspections to include cybersecurity inspection points can all minimize cybersecurity risks.

Beasley strongly suggested adding “pre- and post-cybersecurity checks to every trip. Make sure wiring is connected, that someone hasn’t tampered with it.”

“If you have been hacked, or think you have, we need you to report it. It might not be an isolated incident. You can call 866-784-7221. The information will be analyzed and then passed on to the FBI,” he said.

When asked about data collection and electronic logging devices (ELDs), Beasley said, “Our office is not collecting information from ELDs. We are working with the Department of Transportation and experts to come up with best practices. There are no 100 percent solutions, but we are working on best practices.

“It takes a collaborative effort when it comes to security,” Beasley said. “It’s not possible to do it ourselves. We need your help.”

Questions regarding cyber and highway safety can be sent to: highwaysecurity@dhs.gov. For security training information visit: http://tsa.gov/firstobserver.

Share this post