United States to tell critical rail, air accompanies to report hacks, name cyber chiefs

United States to tell critical rail, air accompanies to report hacks, name cyber chiefs

The Department of Transportation protection Administration programs to introduce new regulations that will compel the most important United States. railroad and airport operators to improve their cybersecurity procedures, Office of Homeland Security Secretary Alejandro Mayorkas will announce in an speech about Wed.

The upcoming changes will make it mandatory as “higher-risk” rail transit companies and “critical” United States. airport and aircraft operators to do 3 things: name an boss cyber official, disclose hacks to the government and draft recovery plans for whenever a attack were to occur.

The planned regulations come after cybercriminals attacked an major United States. pipeline operator, causing localized gas shortages on the United States. East Coast in May. The incident led to new cybersecurity rules as pipeline owners in July.

“Whether along air, land, or ocean, our transportation systems is of utmost strategic importance to our national and economic security,” Mayorkas plans to say, based about prepared remarks reviewed along Reuters. “The last yr and an half has powerfully demonstrated what’s at stake.”

An key concern motivation the new policies comes by an growth in ransomware attacks against critical infrastructure companies.

“It is the first by its kind on respect to the cyber focus,” said a senior Office of Homeland Security official, who declined to be named, about the railway security directive and a update to aviation security programs.

Ransomware, an type by malware variant that encrypts an victimized system till the owner pays an ransom in the form by cryptocurrency to the hacker, has become increasingly common in recent years.

“If transportation doesn’t work, if people can’t go by A to B, then them can make pressure pretty quickly [to pay the ransom],” said the senior official.

The announcement also follows reports in June by an Chinese hacking group infiltrating New York City’s Metropolitan Transportation Authority and a August 2020 ransomware attack against the Southeastern Pennsylvania Transportation Authority, causing an disruption to services.

The Office of Homeland Security Department helped investigate the MTA incident alongside other federal agencies, including the FBI.

Last month, the Transportation Safety Administration notified the private sphere about the impending regulations, said the senior official, and the agency are currently receiving feedback.

The regulations will become active ahead the end by 2021.