Lesson

USDOT offers guidance to plan for, prevent, detect, and respond to cybersecurity challenges associated with TMCs.

An article on potential attackers, common cyber-attack processes, and potential points of TMC vulnerability offers TMC managers and operators strategies to prepare for and respond to incidents.


2/1/2015


Lesson Learned

All networks can be breached and exploited, given enough time and resources. A TMC can make cyber-attacks harder by taking a "Defense in Depth" approach and interrupting as many of the attacker's steps as possible. The mitigation methods described below are based on Information Technology (IT) and e-commerce industry lessons learned, where breaches frequently result in immediate and extensive economic losses with legal repercussions.
Stopping Breaches:
  • Assess risk: Resources include the Industrial Control Systems Cyber Emergency Response Team's Cyber Security Evaluation Tool (CSET).
  • Include TMC staff and staff from other departments in social engineering risk evaluation, and train TMC management and staff to identify and defend against social engineering.
  • Implement network segmentation, proper firewall deployment, and best practices in edge device communication.
  • Each agency should develop an IT and Information Security policy, which TMC operators should understand and follow.
  • Each agency should have a visitor policy commensurate with the perceived risk of the transportation system, to prevent potential attackers from creating a new attack surface or breaching an "air gapped" network. A high-risk TMC could take additional steps, such as eliminating physical features that could hide a rogue device or designating a visitor-only area.
Disrupting Scans and Network Mapping:
  • Implement an Intrusion Detection System (IDS) on the TMC internal network to detect abnormal behaviors from field devices and other network components.
  • Consider using a honeypot to help trap intruders on the TMC's internal network and collect attack information for potential future prosecution of the attackers.
  • Encrypt communication on the control network to make it more difficult for the attacker to understand the control system.
    • Consult with the agency's legal department or Chief Information Security Officer (CISO) on legal repercussions, should an attacker illegally break encryption used on government systems.
    • Breaking encryption may indicate Group 2 or 3 threat agent involvement.
Limiting the Effects of Exploitation and Locking the Gate:
  • Realize an attack is happening: Maintain TMC operator and IT support team vigilance.
  • Execute an existing and understood response plan.
  • Monitor TMC data traffic between trusted partners to prevent operational partners from becoming a source of unprotected backdoor attacks into the TMC network.
  • Limit data connections and connection types into the internal TMC network to those required to maintain TMC operations.
  • Conduct and protect frequent backups of critical applications and databases.
  • For systems such as traffic signal control, keep parameters on the local controller current to allow local control to take over if the TMC is compromised.
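The IDS and connection-limiting points above both come down to knowing which flows belong on the control network. As an added example (not from this lesson or from Fok's article), the check below flags a field device that departs from its expected polling pattern or that touches many ports; the addresses, the NTCIP-over-SNMP port assumptions, and the flow records are constructed.

```python
from collections import defaultdict

# Constructed control-network model (hypothetical addresses): the central
# system polls signal controllers with NTCIP over SNMP (udp/161) and the
# controllers answer back with SNMP traps (udp/162). Nothing else is expected.
CENTRAL = "10.10.0.5"
FIELD_DEVICES = {"10.20.1.11", "10.20.1.12", "10.20.1.13"}
CENTRAL_TO_FIELD = {("udp", 161)}   # polling
FIELD_TO_CENTRAL = {("udp", 162)}   # traps / alarms

# Constructed flow records in (src_ip, dst_ip, proto, dst_port) form, as an
# IDS sensor or flow exporter on the control network would summarise them.
SAMPLE_FLOWS = [
    (CENTRAL, "10.20.1.11", "udp", 161),      # normal poll
    ("10.20.1.12", CENTRAL, "udp", 162),      # normal trap
    ("10.20.1.13", "10.20.1.11", "tcp", 22),  # device talking to a peer device
    ("10.20.1.13", CENTRAL, "tcp", 21),       # device probing the central server ...
    ("10.20.1.13", CENTRAL, "tcp", 22),
    ("10.20.1.13", CENTRAL, "tcp", 23),
    ("10.20.1.13", CENTRAL, "tcp", 80),
    ("10.20.1.13", CENTRAL, "tcp", 443),      # ... across several ports
]


def is_allowed(src, dst, proto, dport):
    """True only for the two flow patterns the control network is built for."""
    if src == CENTRAL and dst in FIELD_DEVICES:
        return (proto, dport) in CENTRAL_TO_FIELD
    if src in FIELD_DEVICES and dst == CENTRAL:
        return (proto, dport) in FIELD_TO_CENTRAL
    return False  # anything else, including device-to-device, is off-pattern


def check_flows(flows, sweep_threshold=5):
    """Return alerts for off-pattern flows and for any source that touches at
    least sweep_threshold distinct (dst, proto, port) targets, a scan signature."""
    alerts = []
    targets_by_src = defaultdict(set)
    for src, dst, proto, dport in flows:
        targets_by_src[src].add((dst, proto, dport))
        if not is_allowed(src, dst, proto, dport):
            alerts.append(("unexpected_flow", src, dst, proto, dport))
    for src, targets in targets_by_src.items():
        if len(targets) >= sweep_threshold:
            alerts.append(("port_sweep", src, len(targets)))
    return alerts


if __name__ == "__main__":
    for alert in check_flows(SAMPLE_FLOWS):
        print(alert)
```

In practice the allowlist would be generated from the TMC's device inventory rather than typed by hand, and the alerts fed to the operator console the response plan names.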
Defending Against DOS Attacks:
  • Stop an attack at the Internet Service Provider (ISP) connection: DOS attacks typically come from the Internet.
  • Most DOS attacks will target the ATIS/511 server. Consider moving the server into the network's Demilitarized Zone (DMZ), keeping it separated from the internal network with a backend firewall to prevent an attack on this server from affecting core functions.
Moving Forward:
  • Know Your Vulnerability: Use the CSET tool to understand the TMC's current vulnerabilities, and institute continuous evaluation and monitoring of the configuration and health of the TMC's IT infrastructure. If possible, review vulnerabilities when planning a new TMC.
  • Understand Your Risk: TMC operators within a jurisdiction encompassing a national security facility may want to reach out to the facility to determine whether the TMC's risk exposures are elevated. TMC owners should determine the damage potential from a breach, considering potential immediacy and breadth of disruption and TMC complexity.
Have a Plan:
  • Protecting a TMC's IT infrastructure deserves the same planning as addressing operational issues. Planning will take time and help from the IT support group.
  • Planning resources include The Roadmap to Secure Control Systems in the Transportation Sector, which was created to help agencies develop and sustain a plan, and resources from the IT industry.
  • Include in the plan a procedure for managing vulnerabilities discovered by "white hat hackers." Hackers could report a vulnerability to the TMC and claim credit for discovery after you fix it, disclose the vulnerability widely and immediately, or sell it to a Group 2 or 3 threat agent.
  • Ensure the TMC and IT teams know how to execute the plan.




Source

Cyber Security Challenges: Protecting Your Transportation Management Center

Author: Fok, Edward

Published By: ITS Journal

Source Date: 2/1/2015

URL: https://www.ite.org/pub/?id=898748dd-0c0c-2cb9-c9db-0cac2bc3bd7d

Lesson Contacts

Lesson Analyst:

Elizabeth Cecchetti



Lesson ID: 2019-00857