The Rail Industry’s Growing Attack Surface

May 01, 2019 @ 2:00 PM - 2:30 PM

The World Economic Forum now rates a large-scale cybersecurity breach as one of the five most serious risks facing the world today. By 2021, the forum has predicted the global cost of cybersecurity breaches is expected to reach $6 trillion. Cyber threats are evolving and escalating at an alarming rate in asset-intensive industries like rail. As locomotives, railcars, and wayside monitoring devices are brought online as part of digital transformation, the rail industry’s attack surface is being extended past legacy DMZs, VPNs, firewalls, and other technologies that have been used to secure traditional enterprise applications. These technologies weren’t designed for rail’s widely dispersed and moving assets and the industry must rethink how it approaches cybersecurity. This session is an interactive discussion between cybersecurity experts Stephan Hundley, Director of Digital Risk & Security at TTX, and Rohit Pasam, CEO at Xaptum, to think through a hacker’s mindset and how rail companies can protect themselves by designing security systems based on field-proven counterintelligence tactics, situational awareness, and proactive attack surface monitoring. From this discussion, the audience will gain a better understanding of the cat-and-mouse game of hacking in this emerging world of connected assets.

Presented By:

Learning Objectives:

1. Gain a better understanding of hacking in the world of connected assets.
2. Discuss a “Patch” Attack: Example of hacking patterns from a Tesla incident.
3. Identify a “Sleeper” Attack: Example of information snooping patterns (SuperMicro/Apple incident).
4. Analyze the “EMP” Attack: Example of GPS spoofing patterns (USS John S. McCain incident).







ABLOY Security
OTN Systems
Railhead Corporation
Safety Vision
interested in becoming a sponsor?