ABSTRACT

Transportation Cybersecurity: Protecting Planes, Trains, and Pipelines from Cyber Threats, Joint Hearing Before the Subcommittee on Cybersecurity, Infrastructure Protection, and Innovation and the Subcommittee on Transportation and Maritime Security of the Committee on Homeland Security, House of Representatives, One Hundred Seventeenth Congress, First Session, October 26, 2021   [open pdf - 272KB]

This is the October 26, 2021 joint hearing on "Transportation Cybersecurity: Protecting Planes, Trains, and Pipelines from Cyber Threats," held before the U.S. House Committee on Homeland Security, Subcommittee on Cybersecurity, Infrastructure Protection, and Innovation and Subcommittee on Transportation and Maritime Security. From the opening statement of Yvette D. Clarke: "We are here to assess the administration's actions aimed at mitigating the cybersecurity challenges facing the transportation sector. Earlier this year, our subcommittees worked together to evaluate how the Federal Government partners with the private sector to respond to a ransomware attack against Colonial Pipeline which resulted in 5,500 miles of pipeline being shut down. As panic led to fuel shortages at gas stations along the East Coast and airlines scrambled to find alternative fuel supplies, we learned that, No. 1, attackers infiltrated Colonial Pipeline's business network using a legacy VPN that did not require multifactor authentication; No. 2, the flow of information between Colonial Pipeline, the Cybersecurity and Infrastructure Security Agency, and the Transportation Security Administration was slow, fueled in part by on-going confusion about which agency was in charge; and, No. 3, despite repeated offers from TSA, Colonial Pipeline had not yet undergone an important security assessment, a validated architecture design review, and did not have a disaster response plan that contemplated a full--the full scope of cyber threats." Statements, letters, and materials submitted for the record include those of the following: Suzanne Spaulding, Patricia F.S. Cogswell, Jeffrey L. Troy, and Scott Dickerson.

Report Number:
Serial No. 117-34
Publisher:
Date:
2022
Copyright:
Public Domain
Retrieved From:
U.S. Government Publishing Office: http://www.gpo.gov/
Format:
pdf
Media Type:
application/pdf
URL:
Help with citations
Listed on Cyber Infrastructure Protection [Featured Topic]
Listed on Cyber Crime & National Security [Featured Topic]