Safety on the Rail: An Update on Cybersecurity Efforts for Railways

The end of 2022 was a bit rough for the railway industry as it faced the possibility of a massive strike. While that issue settled, another risk continues to grow – cybersecurity. This was recently reflected through the case of rail systems and locomotive manufacturer Wabtec. As reported by SecurityWeek, Wabtec had to undertake the unfortunate task of notifying individuals that they may have been impacted by a ransomware attack that the company experienced last year. Not only is this a serious task considering that Wabtec branches across the U.S., Canada, UK and Brazil were potentially affected, but it also demonstrates the widespread effects that a cybersecurity breach on rail operations can have.

The Rising Importance of Railway Cybersecurity

Railways are both a significant economic and critical infrastructure component. According to StateTech, there are 140,000 miles of track and 28,000 locomotives in the U.S. Plus, the “rail industry moves 1.7 billion tons of goods per year,” Randy Barrett explains. Therefore, ensuring the safety of this industry is essential. And as we’ve explored, that increasingly includes cybersecurity.

While IT and OT used to exist as separate entities within operations, they are rapidly converging in today’s digital environment. This shift is definitely occurring among rail organizations. While this offers efficiency, it is presenting cybersecurity challenges as well. This is particularly true for critical infrastructure, which has become a prime target for cyberthreats since the sector is more likely to pay in order to avoid large-scale problems. And because they fall under the critical infrastructure umbrella, railways are very much involved in this trend.

Developing Railway Cybersecurity Initiatives and Rules

As awareness around rail cybersecurity builds, more and more action plans are being assembled. For instance, some rail operators have taken to running tests that reveal potential IT and OT vulnerabilities.

On a grander scale, the Transportation Security Administration (TSA) announced a new cybersecurity security directive for designated passenger and freight railroad carriers in October. As described in a press release from TSA, the effort is meant to “further enhance cybersecurity preparedness and resilience for the nation’s railroad operations.” The directive features four overarching requirements. They include designating a cybersecurity coordinator, reporting cybersecurity incidents to CISA, developing a cybersecurity incident response strategy and assessing vulnerabilities. Additionally, the TSA put out an Advance Notice of Proposed Rulemaking (ANPRM), which asks owners and operators in the rail industry to contribute cybersecurity input and feedback by January 17, 2023.

To learn more about how Dellfer can assist with protecting rail operations, visit



Table of Contents

Subscribe to
The Dellfer Brief

The latest industry insights and company news delivered to your inbox.

See Our Blog Posts

Enter Your Information to Access This White Paper

Enter Your Information to Access This White Paper

Enter Your Information to Access This White Paper

Enter Your Information to Access This White Paper

Enter Your Information to Access This Datasheet

Enter Your Information to Access This Datasheet