CISA Issues Warning About Critical Flaw in Train Braking Systems Revealed in Hearing

This article was created by AI using a video recording of the meeting. It summarizes the key points discussed, but for full details and context, please refer to the video of the full meeting.

The U.S. House Committee on Homeland Security convened on July 24, 2025, to discuss the implications of the Stuxnet cyberattack, which occurred 15 years ago, and the evolving landscape of cyber threats to critical infrastructure. The meeting highlighted the urgent need for enhanced cybersecurity measures to protect operational technology (OT) systems, which are vital for the functioning of essential services.

The session began with a focus on a recently issued security alert from the Cybersecurity and Infrastructure Security Agency (CISA) regarding a decade-old vulnerability in train braking systems. This flaw, which allows hackers to exploit weak authentication protocols, could potentially lead to catastrophic train collisions. Despite being reported to the Association of American Railroads (AAR) in 2012, the issue was initially dismissed, and it was only after renewed pressure that the AAR committed to replacing the protocol, with a new version not expected until 2027.

Robert Lee, CEO of Dragos, emphasized the ongoing threats to OT networks, stating that the U.S. is unprepared for a major cyberattack on critical infrastructure. He noted that adversaries are increasingly targeting these systems, with nine malware families specifically designed for industrial systems. Lee urged a shift in focus from IT to OT security, advocating public-private partnerships and streamlined federal guidance to enhance defenses.

Tatyana Bolton, Executive Director of the Operational Technology Cybersecurity Coalition, echoed these sentiments, stressing the need for greater awareness and resources dedicated to OT cybersecurity. She highlighted the importance of reauthorizing the Cybersecurity and Information Sharing Act of 2015 to maintain effective information sharing between public and private sectors.

Dr. Nate Gleason from Lawrence Livermore National Laboratory discussed the role of advanced analytics in monitoring threats to critical infrastructure. He outlined a multilayered defense strategy that includes understanding infrastructure vulnerabilities, ensuring supply chain security, and developing systems capable of operating through compromises.

The meeting concluded with a call for immediate action to bolster cybersecurity measures across all critical infrastructure sectors. The participants underscored the necessity of collaboration between government and private entities to effectively address the growing cyber threats that endanger national security. The committee plans to continue its discussions and explore legislative support for enhancing cybersecurity resilience in the coming months.

Converted from Fully Operational Stuxnet 15 Years Later & the Evolution of Cyber Threats to Critical Infrastructure meeting on July 24, 2025