As high-profile cyberattacks disrupt everything from the national gasoline supply to ferry service in Massachusetts, News4 checked in on the D.C.-area Metro system’s cyber defenses.
WMATA’s cybersecurity director, Kyle Malo, said Metro officials combat cyber threats on a regular basis and are always on guard.
“Every day, Metro gets attacked,” he said in an interview Thursday.
The most common attacks on the system are simple email phishing schemes to try to gain information, Malo said. Metro has never had to pay a ransom, Malo said, but the prospect of certain threats does keep him up at night. Anything that would “keep the trains from running” is the “nightmare scenario,” he said.
“Thankfully we’ve never come anywhere near that kind of attack,” Malo said.
About past threats, he said, “We will, yes, generally be able to identify if it’s Russian versus a Chinese-sponsored type of attack, or if it is just an organized crime criminal entity that may not be affiliated with a nation state.”
“So, that sounds like you’ve dealt with all of the above,” News4 asked. “Is that true?”
“We absolutely have. Yes,” Malo replied.
Metro’s inspector general has previously called for cybersecurity upgrades.
No matter how successful the agency is at fending off attacks, experts say they will keep coming and there will be disruptions.
“I think the transportation industry should be very concerned,” said Steve Seiden, CEO of Acquired Data Solutions. “We have seen the last couple of attacks have significant impact, and we cannot take this lightly.”
Metro leaders say any movie scenario in which a train or bus would become controlled by an outside group is highly, highly unlikely.