Rogue-Nation Discussion Board
CSX Transportation probes ‘security incident’ as hackers leak data - Printable Version

+- Rogue-Nation Discussion Board (https://rogue-nation.com/mybb)
+-- Forum: General and Breaking News Events (https://rogue-nation.com/mybb/forumdisplay.php?fid=43)
+--- Forum: General News and/or Events (https://rogue-nation.com/mybb/forumdisplay.php?fid=45)
+--- Thread: CSX Transportation probes ‘security incident’ as hackers leak data (/showthread.php?tid=410)

CSX Transportation probes ‘security incident’ as hackers leak data - EndtheMadnessNow - 03-11-2023

I think someone mentioned possibility of corporate sabotage among rivalries...found this piece from 2021:


[Image: pSCJmPz.jpg]
CSX probes ‘security incident’ as hackers leak data

"20-year-old file transfer product" ?? What were they running it on? Windows 2000 & FTP protocol?

Aside from our hardware infrastructure (roads, bridges, power grids) degrading & collapsing much of our critical infrastructure still runs on ancient, deprecated software because the old adage, if ain't broke don't mess with it. And even when the software company does provide security fix updates prior to a hack to their clients it is common the customer takes there sweet ass time making the update(s) and more often than not it's not updated at all because the downtime required to apply the update is unacceptable. Sure, Bob I'll take care of it next week. However, sometimes the security updates have new flaws that go unchecked until Mr. Hacker finds a way in.

How To Cause Trains To DeRail 101

Step 1- Hack employee information
Step 2- Black mail said employees
Step 3- Derail trains

BTW, CSX chief competitor is... Norfolk Southern Railway.



CISA Advisory:
Quote:Exploitation of Accellion File Transfer Appliance

Last Revised June 17, 2021

Summary

This joint advisory is the result of a collaborative effort by the cybersecurity authorities of Australia,[1] New Zealand,[2] Singapore,[3] the United Kingdom,[4] and the United States.[5][6] These authorities are aware of cyber actors exploiting vulnerabilities in Accellion File Transfer Appliance (FTA).[7] This activity has impacted organizations globally, including those in Australia, New Zealand, Singapore, the United Kingdom, and the United States.

According to Accellion, this activity involves attackers leveraging four vulnerabilities to target FTA customers.[8] In one incident, an attack on an SLTT organization potentially included the breach of confidential organizational data. In some instances observed, the attacker has subsequently extorted money from victim organizations to prevent public release of information exfiltrated from the Accellion appliance.

[Image: GQDloQu.jpg]
Wiki



[Image: J9Kia0t.jpg]

WIRED