Amtrak Vulnerability Assessment

Amtrak Unlimited Discussion Forum

Help Support Amtrak Unlimited Discussion Forum:

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.
Joined
Jan 20, 2016
Messages
940
Location
East San Diego County
The recent cancellations of Amtrak trains due to cold weather, loss of power in certain sections of the county, etc. made us realize even more how unforeseen factors can disrupt passenger train service. It also got us wondering as to how vulnerable Amtrak service is to DELIBERATE acts of cyber-terrorism such as the taking out of communication satellites, the internet, power grids, and computers in general. While air travel would really be hit hard by these loses, one would think that trains could still continue to run. Undoubtedly some sort of “threat assessment” has been done for the railroads in general and Amtrak in particular. We’d be interested to hear what those AU members “in the know” have to say about this.

Eric & Pat
 
We’re not asking for classified or sensitive “need to know” information that would benefit the bad guys. Trains obvious ran before there was an internet, communication satellites, cell phones, GPS, digital radios, etc. so it stands to reason that if these modern technologies went down for any length of time, trains could still run or at least be up and running sooner than perhaps commercial airliners.
 
We’re not asking for classified or sensitive “need to know” information that would benefit the bad guys. Trains obvious ran before there was an internet, communication satellites, cell phones, GPS, digital radios, etc. so it stands to reason that if these modern technologies went down for any length of time, trains could still run or at least be up and running sooner than perhaps commercial airliners.
I do believe planes also flew before all that modern stuff came into existence. ;)
 
Once the electricity goes, the signals stop working. Then trains stop moving. Eventually the dispatchers move trains at restricted speed until signals and power at restored. I’ve experienced two significant delays because of this.
The first was in August 1997. It was my gf’s first trip on Amtrak. A series of thunderstorms blew trees onto electrical wires and tracks. We sat near Porter, Indiana for 6 hours. We looked at the same house the entire time and listened to my scanner. My GF got an advanced course in railroading which was way more than she wanted at the time. She was alarmed when she kept hear “crew died”. She did not know about the hours of service.

The other time, was on the international returning from a day trip to Battle Creek. It was a record cold day( schools closed so I went railroading).

Once we left Porter we ran at restricted speed most of the way to Hammond Whiting. A late night with an early return to school. A great day for me because I rode some ATSF hi level coaches to and from Battle Creek instead of boring Amfleet.
 
I do believe planes also flew before all that modern stuff came into existence. ;)
There are still some small airports around that don't have much in the way of technology. I know, I flew into one a couple of times as a passenger on a private plane. No tower, no radio contact, the pilot kind of flew by the landing strip to make sure nobody was on it, and then made his approach and landed.
 
There are still some small airports around that don't have much in the way of technology. I know, I flew into one a couple of times as a passenger on a private plane. No tower, no radio contact, the pilot kind of flew by the landing strip to make sure nobody was on it, and then made his approach and landed.
That's called IFR Flying ( I Follow Roads) and it's "See and Be Seen" by the Pilots!
 
We’re not asking for classified or sensitive “need to know” information that would benefit the bad guys. Trains obvious ran before there was an internet, communication satellites, cell phones, GPS, digital radios, etc. so it stands to reason that if these modern technologies went down for any length of time, trains could still run or at least be up and running sooner than perhaps commercial airliners.

Major transportation coordination centers have redundancy in their power supplies to account for power loss or natural disasters. Not to mention that those systems are pretty well secured.

While I agree that some sort of assessment has likely been done, there’s no way we’d every see anything from it.

Once the electricity goes, the signals stop working. Then trains stop moving. Eventually the dispatchers move trains at restricted speed until signals and power at restored. I’ve experienced two significant delays because of this.
The first was in August 1997. It was my gf’s first trip on Amtrak. A series of thunderstorms blew trees onto electrical wires and tracks. We sat near Porter, Indiana for 6 hours. We looked at the same house the entire time and listened to my scanner. My GF got an advanced course in railroading which was way more than she wanted at the time. She was alarmed when she kept hear “crew died”. She did not know about the hours of service.

The other time, was on the international returning from a day trip to Battle Creek. It was a record cold day( schools closed so I went railroading).

Once we left Porter we ran at restricted speed most of the way to Hammond Whiting. A late night with an early return to school. A great day for me because I rode some ATSF hi level coaches to and from Battle Creek instead of boring Amfleet.

I am not sure what Amtrak’s procedures are regarding signal failure but I believe most freight railroads still utilize Track Warrant Control in such a situation. I know for a fact CN still uses it on their lines in the Upper Peninsula of Michigan. Probably would result in reduced flow and lower speeds but it’ll keep things moving.

Additionally, crew members are authorized to use their personal electronic devices for company business as long as they are not in the operating compartment of the train. Meaning that if radios failed, crews can still get their instructions from RTC via their cellphones.
 
In theory the railroads for the most part should be alright. Now that being said the six major class ones have really forgotten how to railroad and they probably would shut down in a massive cyber attack.

That being said things like power outages occur all the time out in the railroading world because signals are powered off local grids. In that case there is an established protocol in which to run.

Even now on many lines there is still Track Warrant Control. On CSX it works like this on the CN&L Sub (Which does have signals and dispatcher controlled switches) a train radios the dispatcher and gets an EC-1. The EC-1 is a form the conductor fills out while in radio contact from the dispatcher. That authorizes their movement. So for instance they will get an EC-1 from Dover Connection (Clinton, SC) to SE Slighs (Just north of Little Mountain) which is their authority to occupy the track designated on the EC-1 with exclusive occupancy. When the train would reach SE Slighs they would release their EC-1 which allows for another train to be occupying that territory.

Now it is a time consuming process but it could be done for any rail line in that style of attack. As long as the radios work it can be done.

Now as far as power outages all of the bungalows have a battery bank as back up. If the white light is on on the bungalow that means they are drawing electricity. If that light is off they are running on battery power. Same goes for wayside signals. Power outages are common tree hits a power line, car takes out a power pole, etc. Safety appliances have to work 100 percent of the time which is why they have a back up.
 
That's called IFR Flying ( I Follow Roads) and it's "See and Be Seen" by the Pilots!

You accidentally got it backwards. IFR stands for “instrument flight rules”, and what the previous poster was describing was VFR - “visual flight rules”. VFR is the “see and be seen” approach.

Back in the 90s our company used a small company plane pretty frequently, and I was a frequent passenger.

For short flights when the weather was clear and we didn’t pass by any major metropolitan areas, we would sometimes use VFR. But a lot of the time we would go ahead and file our flight plan IFR.
 
What may make railroads (and everything else) more vulnerable in modern times is more and more reliance on computers for operation...especially if those computers are connected to the internet...."hacker's" seem to learn to penetrate any type of security, if given enough time. It is a constant seesaw battle between computer security people, and hacker's to get a step ahead....
 
What may make railroads (and everything else) more vulnerable in modern times is more and more reliance on computers for operation...especially if those computers are connected to the internet...."hacker's" seem to learn to penetrate any type of security, if given enough time. It is a constant seesaw battle between computer security people, and hacker's to get a step ahead....
As someone who, in a former life (pre-retirement i.e.) did computer and network security, it's mostly not that hackers "seem to learn to penetrate any type of security, if given enough time", Rather it is hackers who find the stupidity, and most often, it is management that is responsible.
  • They get rid of the security person "because he/she is too expensive" or "we don't need that".
  • They don't want to spend money on offline backup protection, staff training, enforcement of rules on data protection, extra hardware and software for protection.
  • They don't want to install security patches ASAP because "if it ain't broke, don't fix it" (as one manager told me). Of course, if it wasn't broke, there wouldn't be a security patch but the road doesn't have a hole in it until I get there.
  • They don't want to burden their employees with such "difficult" tasks a logging in, verifying their identity, etc or pick the cheapest solution, not the one that would make it easy for staff but difficult for outsiders.
  • They want their employees to be available 24x7 at no extra pay so they make outside access easier or their staff would rebel at having to come in at all hours to fix a problem.
  • They all want to personally have admin access because that makes them feel important (two VPs of one company argued over that issue to me!)
  • They violate the security rules themselves (a common thing in my experience)
  • They have no idea if there are unhappy/dissatisfied staff and they don't care. We've all seen that.
  • They refuse to pay for company-owned security-enhanced tools (laptops, phones, etc) and tell their staff to use their own.
It doesn't take much to hack into systems when management makes it easy. For many companies, the only reasons they don't get hacked is that there are more lucrative targets and so many places rely on software providers that use their lucrative customers as beta testers.

And, yes, as part of my job, I encountered every one of those type of customers and suppliers many times.
 
You would think that the Defense Department would insure it was "hack-proof", regardless of the expense, but we do occasionally hear about breeches....
A lot of the nuclear secrets are actually held under Department of Energy, not Department of Defense.
 
I have to take the opposite side from that of a number of prior respondents.

The thought that the railroads would continue to run without all the aid of electronics just because they used to in the days of steam engines is a complete fallacy. For starters, they ran on train orders to manually controlled interlocking towers issued by dispatchers who saw only the train sheet spread out before them. The towers are long gone, as are the train sheets and the dispatchers that used them. There's no 'fall back' to fall back to. It's long gone. "Proceed at restricted speed" for 100s of miles on a busy double track mainline? You HAVE to be KIDDING!

However, on the plus side, 16 years ago, as a Fedex Home Delivery driver, once every 6 months it was necessary to do my route without the hand scanner to prove readiness in the event of a scanner failure. I already knew all the roads in the 11 ZIP codes I covered every day. Working from the regular computer-printed list of stops to make that day, I had to deliver each one and mark on the sheet time of delivery. When I got home, I signed on to the appropriate web site and manually entered those times for each package. These days, the scanner/route planner device for Amazon, and likely UPS and FEDEX as well, tells every driver turn by turn and decides for them what package to deliver next and how to get there. Turn THAT off and the drivers are completely powerless to figure out how to do their route! Many don't even know the names of all the streets in their territory nor how to get there in a timely fashion.

I suspect that 'trip planner', PTC, and countless 'boxcar routing/scheduling' systems, et all, are nothing more than a good way to take the 'brains' out of people doing their job and depending on the computers. It's no different that the computers at fast food restaurants. Having worked at Burger King and Burger Chef in the 1960s, we had to do all the math in our head...no cash registers, etc. Giving a clerk an extra 8 cents for a $4.83 order is 100% bewildering to them. And to this day, I STILL know my pre-tax amount in my head before THEY do!

As for 'seat of your pants' flying, I used to regularly fly North Central Airlines in MN, WI, IL and MI. I made a number of takeoffs and landings in unstaffed airports, in everything from 12 seat puddle jumpers to DC-9s in blizzards, too. How many commercial pilots of today have a clue how to do that? Much less even find the airport and land in a blizzard when their previous routes were warm weather only cities?

As far as the railroads having some resiliency these days, you have to be joking!!! Long before EHH decimated the ranks of operating crew and equipment, the Wall Street powers were demanding reduction of employees (employee = 4 letter word in many financial circles) resulting in lack of rested crews whenever delays happen. Take the 'melt down', er...'freeze up' in Chicago 6-7 years ago that brought all the affected railroads to a near standstill for MONTHS after all the snow was gone! Causes? Lack of track maintenance staff to clear frozen switches, so all were straight lined (if possible) and lack of rested crews to relieve those who 'outlawed' enroute. All the result of 'right sizing' train crew staffing. Does ANYONE believe that PSR has any built-in resiliency whatsoever???

Between lack of staff, lack of equipment, and lack of know how, railroad resilliency, indeed, all transportation system resiliency is nothing more than someones' 'blue sky', completely untested and unproven plans.

And what about the electrical grid? These days, given the knowledge that it is almost 100% remotely controlled via the internet and that there's a finite number of internet-controllable 'switches' that turn on/off things associated with the grid, it's completely possible that a knowledgeable hacker sitting at home in Timbuktu can shut down anything from generators to power stations in the USA at will. For what it's worth, 35 years ago, while doing extensive programming at a regional Baby Bell, I wrote software on the mainframe that would access every telco switch (central office, eg, NPA-NNX, known to most as an 'exchange') in their region to extract make and model information as well as various hardware options. Each had their own 'protocol' to follow. As I had to access the instruction manuals for each to know how to do that, it would have been easy to reprogram and/or command them as desired.

Shut down the electrical grid and what happens? Texas is a text book example! Few in America today have any 'backup' plans whatsoever. It took a Halloween 2012 surprise sloppy wet snow storm with most of the leaves still on the trees (quite late for leaves in New England) that left me and most of western MA in the dark for a week or more before I finally developed, implemented, and tested a survival plan. How many businesses have done THAT? Oh...there's backup dispatching centers and backup generators for the railroads, but what if everything out in the field is dark? I could go on and on about grid vulnerability, but this response more than long enough. Oh...and as a 'jab' against a 'green' world with no fossil fuel transportation...how will the emergency generators be fueled when the lights go out and it's still snowing?
 
Last edited:
You would think that the Defense Department would insure it was "hack-proof", regardless of the expense, but we do occasionally hear about breeches....
I'll add to that: That were made public...

It's no different than the number of companies that I've regularly dealt with online that have received verifiable letters indicating their computers have been breached and my information compromised. I can only think of ONE - that's ONE - of the 8-9 or so in the past 10 years that made that information public, or, at least, was disseminated by MSM. That was Equifax.
 
You would think that the Defense Department would insure it was "hack-proof", regardless of the expense, but we do occasionally hear about breeches....
Computer security is a moving target that requires constant vigilance. It's easy to say "hack-proof" but surprisingly difficult to implement truly safe computing in a manner that does not undermine required functionality.
 
Last edited:
I've long thought we should have a fleet of low tech engines in standby ready reserve for the event of an attack. I believe but haven't found verifiable facts to prove it that the Soviet Union maintained a fleet of serviceable steam engines up until 1991. Just in case there was an EMP Attack that they could still move military, and civilian supplies. Honestly if that is true it is actually a very good idea to maintain that. Now the Russians now have a ton of operating steam locomotives either used in tourist service, or in yard service in major cities. And now in select commuter service. I've heard now it's more of a way to burn used oil from the diesels but still in the event of a problem they have the engines to run.

How many first and second generation diesel locomotives are still around, and add a decent amount of steam power you could at least keep supplies moving to keep the power on, and move food and supplies around. There is an argument you could make for that style of preserved fleet of yesterdays technology for when today's technology fails us.
 
Back in 1965, during the famous Northeast blackout much to their dismay the power generating companies discovered that the auxiliaries that were necessary to start up a power plant were themselves powered by the grid. So once the grid went down they had no way to bring the generating plants up, to restore the grid. In Cambridge MA they ahut down Mass Ave near MIT, and laid a cable across Mass Avenue connecting the MIT experimental nuclear reactor to a feed to power up the auxiliaries of a power plant in Cambridge to bring it up so that they could start restoring the grid in Massachusetts.

So this sort of complacency and lack of planning dates back at least to 1965 and earlier. Nothing new.

Since then it has been a requirement to have auxiliary generators at each power plant to power the critical auxiliaries needed to start up the station.
 
You're Flight Instructor never told you VFR Flying is "I Follow Roads?";)
I've been told by a couple of private pilots in the past 40-50 years that following roads is sometimes the easiest way to navigate...if they already know, for example, that Interstate xx goes straight to whatever city.

In the early 1970s while in the USAF, one of my railfan friends was an air traffic controller at Wright Patterson AFB outside of Dayton OH, where we were both stationed. I joked one day that they probably told the inbound planes to follow I-70 to the 'white church' and turn left. He didn't deny it. I don't recall there being any white churches in the vicinity along I-70, either. Perhaps they used some other landmark to identify when to line up with the runway. He also relayed a story where TWA landed without notice at WPAFB as the Dayton airport (in Vandalia) is only 10 miles away and in all likelihood, the TWA pilot was asked by the DAY tower if they 'saw the runway', which they did.
 
Back
Top