Worries raised over cyber security risk at Crossrail

Complexity is the enemy of security. It’s good that cyber security is being raised as an issue, but worrying that this has come after the design work has been done and we are in the final stages of construction…:

[…] Minutes from the project’s sponsor board meeting on 7 May have revealed that Jacobs, who has been hired by the Department for Transport and Transport for London to oversee the management of the project, has raised serious concerns about how cyber threats have been handled.

The minutes said: “P-Rep [Jacobs] flagged their emerging concerns on the programme-wide issue of cyber security.

“Sponsors asked how long it would take to resolve the cyber security issues and [Jacobs] stated that Crossrail had undertaken deep dives and clarified the software compatibility issue between Windows versions but there remains a technical resource capability issue across Crossrail and their contractors that needs to be addressed.”

In concerning news for the project’s leadership, the DfT and TfL said the cyber worries were an example of new issues arising which were not foreseen by Crossrail.

A string of construction firms have fallen prey to cyber attacks this year with Interserve and Bam both struck in May.

In January, Bouygues fell victim to an online attack, while Zaha Hadid was also hit in April.

[…]

Original article here