GOVERNMENT CIO OUTLOOK, September 2017, page 9

colliding with structures as well as environmental impacts from the spillage of hazardous cargo.

There is also the threat of increasing interconnectivity of transportation assets themselves. For example, an airplane is no longer simply a transportation vehicle but also an information dissemination point, mobile Wi-Fi hotspot, and a source of real-time information about airports, airline flight status, etc. To illustrate this, in 2016, a security hole was discovered in the Panasonic Avionics in-flight system used in planes run by 13 major airlines. IOActive researcher Ruben Santamarta said hackers could "hijack" in-flight displays to change information such as altitude and location, control the cabin lighting and hack into the announcements system.

Solutions for Mitigation

The first step to securing Intelligent Transportation Management systems is to create a detailed mapping of how and where transportation systems interact with a communications network. If an organization cannot accurately represent these touch points, then it will be virtually impossible to conduct proper risk mitigation assessments. Once assets and interconnections are properly identified, proper security controls may be applied depending on the criticality of the system.

The first and most rapid countermeasure deals with device credentials. Default usernames and passwords are known and set by vendors when new industrial devices are shipped. Threat actors can find default configurations via publicly available vendor websites and attempt to exploit assets with this information. Identifying and changing default credentials is an essential countermeasure to stop initial attacks.

Secondly, additional measures should be taken to segment critical systems off from the general IT network. Internal segmentation slows down and/or prevents attackers from breaching higher-security systems. It is recommended that transportation control systems be isolated on a secure network through a firewall or similar device. Securing the data communication with transportation control systems may also be achieved through the use of high-assurance guard appliances that perform data format whitelisting. Only specific command formats are allowed to pass through to the control systems, thus preventing the sending of non-standard commands that could hijack or damage the target system.

Finally, end-point protection software vendors are increasingly offering the ability to "lock down" a system into a specific configuration, prohibiting installation on or modification of the host. For example, if an interface system is required to run Windows XP™, the system could be placed into a "frozen" state that only allows the minimum level of functionality needed to manipulate a target control system.

Final Thoughts

In closing, the following assumptions should be made. Intelligent Transportation Management systems will continue to rapidly expand into the traffic management, public safety and aviation/maritime sectors. Touch points with communication networks need to be identified and documented. Countermeasures such as changing default credentials, network segmentation and system lock-downs should be implemented. Security concerns must be taken into consideration in order to protect our nation's transportation system as interconnectivity continues to expand.

Thomas Gresham
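
The data format whitelisting described under Solutions for Mitigation can be sketched as a default-deny filter placed in front of a control system. This is an added example, not code from the article or from any guard product; the command names, junction ID format and timing bounds are hypothetical, since the article names no protocol, and the sample messages are constructed.

```python
import re

# Hypothetical command formats for a constructed traffic-signal controller.
# The article names no protocol, so every name and field here is an assumption.
ALLOWED_FORMATS = {
    "GET_STATUS": re.compile(rb"GET_STATUS J[0-9]{3}"),
    "SET_PHASE": re.compile(rb"SET_PHASE J[0-9]{3} [1-8]"),
    "SET_TIMING": re.compile(rb"SET_TIMING J[0-9]{3} (?P<seconds>[0-9]{1,3})"),
}
MAX_LEN = 64               # assumed upper bound; legal messages are much shorter
TIMING_RANGE = (5, 120)    # assumed safe bounds for a phase length, in seconds

def guard(message):
    """Default-deny check: return (forward, reason) for one message (bytes)."""
    if len(message) > MAX_LEN:
        return False, "oversized"
    verb = message.split(b" ", 1)[0].decode("ascii", "replace")
    pattern = ALLOWED_FORMATS.get(verb)
    if pattern is None:
        return False, "unknown command"
    # fullmatch, not match: trailing bytes or an appended second command fail.
    m = pattern.fullmatch(message)
    if m is None:
        return False, "malformed " + verb
    # A well-formed message can still carry an unsafe value, so bound it too.
    if verb == "SET_TIMING":
        if not TIMING_RANGE[0] <= int(m["seconds"]) <= TIMING_RANGE[1]:
            return False, "timing out of range"
    return True, "ok"

def filter_stream(messages):
    """Return (forwarded, dropped); dropped entries keep the reason for logging."""
    forwarded, dropped = [], []
    for msg in messages:
        ok, reason = guard(msg)
        if ok:
            forwarded.append(msg)
        else:
            dropped.append((msg, reason))
    return forwarded, dropped

# Constructed sample traffic: three legal commands, four that must be dropped.
SAMPLE = [b"GET_STATUS J014", b"SET_PHASE J014 3", b"SET_TIMING J014 30",
          b"SET_TIMING J014 999", b"FIRMWARE_LOAD J014",
          b"SET_PHASE J014 3\nSET_PHASE J015 1", b"SET_PHASE J014 9"]

if __name__ == "__main__":
    for msg, reason in filter_stream(SAMPLE)[1]:
        print("DROP", msg, reason)
```

Dropped messages and their reasons are worth sending to monitoring, since a non-standard command arriving at the guard is itself a signal that something upstream is misconfigured or compromised.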