New TSA regulations to address cyberattack threat to rail systems

The government also creates a new group to prosecute crimes involving cryptocurrency.

Bree Fowler Senior Writer
Bree Fowler writes about cybersecurity and digital privacy. Before joining CNET she reported for The Associated Press and Consumer Reports. A Michigan native, she's a long-suffering Detroit sports fan, world traveler, wannabe runner and champion baker of over-the-top birthday cakes and all-things sourdough.
Expertise cybersecurity, digital privacy, IoT, consumer tech, smartphones, wearables
Bree Fowler
2 min read

New regulations will help railroads deal with cyberattacks.


The Transportation Security Administration will soon issue new regulations designed to make transit agencies and airlines better prepared for cyberattacks.

Homeland Security Secretary Alejandro Mayorkas says that, under the new directive, railroads and rail-related entities deemed "higher-risk" will be required to appoint a point person in charge of cybersecurity, report cyberincidents to DHS' Cybersecurity and Infrastructure Security Agency and create a contingency plan for what to do if a cyberattack were to happen.

Lower-risk railroads and related entities will be encouraged but not required to take the same steps, he said. Mayorkas made the comments during a speech given virtually Wednesday at the Billington Cybersecurity Summit.

Additional regulations will boost cybersecurity in the aviation industry, Mayorkas said. "Critical" US airport and passenger aircraft operators, along with all cargo aircraft operators, will also be required to put in place a cybersecurity coordinator and report cyberattacks to CISA.

"We need to be equipped today, not tomorrow," Mayorkas said. "I can't overemphasize the urgency of the mission."

Transit systems, big and small, have been recent targets for cybercriminals. This past spring, a hacking group with possible ties to the Chinese government compromised the computer systems of the Metropolitan Transportation Authority in New York

Transit officials said at the time that the hackers didn't gain access to systems that control train cars and that rider safety was not at risk. But they later raised concerns that hackers could have entered those systems or that they could continue to exploit the agency's computer systems through a back door.

In June, a ransomware attack shut down the main booking system of the Steamship Authority of Massachusetts, which runs ferries from Cape Cod to Martha's Vineyard and Nantucket. Ships ran safely, but passengers weren't able to book or change their reservations online for more than a week, and credit card use was severely limited.

Also on Wednesday, the Department of Justice created a new unit to handle investigations into crimes involving cryptocurrencies, which are often demanded by hackers in ransomware attacks. The National Cryptocurrency Enforcement Team is designed to undertake investigations and prosecutions of crimes involving cryptocurrency, including those committed by crypto exchanges, coin mixers and tumblers, and money launderers, according to the department.

In a statement, the department said the new team was needed to combat growing use of cryptocurrency for ransomware payments, money laundering, and as a means of exchange on "dark markets" for weapons, drugs and hacking tools. 

"As the technology advances, so too must the Department evolve with it so that we're poised to root out abuse on these platforms and ensure user confidence in these systems," Deputy Attorney General Lisa Monaco said in the statement.

CNET's Andrew Morse contributed to this report.