Barely a month after Bay Area residents struggled through a Bay Area Rapid Transit (BART) strike, commuters were once again left scrambling for a way to get to work this morning. Unlike during the strike, when commuters had weeks of notice that a work stoppage was likely and had time to plan alternate arrangements to get to work, this morning commuters woke up to the news that a ‘computer problem’ just after midnight had shut down the nation’s fifth largest commuter rail system.
BART announced this morning that at the time of the problem, 19 trains were running with between 500 and 1000 riders on-board, system-wide. All riders safely reached their final destinations, but only because BART train operators and track crews manually moved track switches into position to properly route the trains – something which could be done with minimal late-night train service, but obviously not for the full scale of a morning commute.
Train service normally begins at 4:00AM for weekday commuters, but it wasn’t until 7:15AM when partial service began to be restored. By that point, the damage to the morning commute was already done. Traffic was already snarled as commuters took to the roads, leading to lengthy delays at the Bay Bridge, and many of the Bay Area’s other commuter arteries. Even with full-service restored, the afternoon commute should also be more congested than other Fridays.
BART’s spokesman Jim Allison explained that “BART’s computer systems in central control (were) not communicating properly with the track switches.” He also said that the computer problems were not related to the overnight wind storm, though separate weather issues had caused smaller delays during the storm.
As of this moment, no reason has been given to suspect the computer problem was intentionally caused. However, Thursday afternoon the BART Board of Directors voted 8 to 1 to accept the tentative contract agreement that came out of last month’s strike, but without a clause that was inadvertently included that BART officials say would cost them millions over the four-year contract.
The clause in question would allow workers to receive full pay for up to six weeks of family health leave, where in the prior contract, the language said that workers had to use vacation time and sick time first.
I want to stress that no illegal activities are being suggested for being the cause of this morning’s service disruption, and I personally have no reason to believe that anything improper happened last night, but I wanted to take this opportunity to issue a reminder that the attack surface for an organization spans across both external and internal systems.
It’s important to know both where vulnerabilities and exploits might exist in your organization, as well as to have the ability to have critical files monitored and logged when changes are made on critical infrastructure systems.
Sometimes, a glitch is just a glitch, but wouldn’t you rather know for sure?
Coverage of today’s problems:
Coverage of the strike and the current contract language issue:
- Hacking Your Way Through Airports and Hotels
- Top Five Hacker Tools Every CISO Should Understand
- Five More Hacker Tools Every CISO Should Understand
- Security Configuration Management for Dummies
P.S. Have you met John Powers, supernatural CISO?
Title image courtesy of ShutterStock