Experience with National Railroad Passenger Corporation (AMTRAK)
Amtrak operates an extensive IT system with mission critical application as an online train ticket reservation system.
SeNet conducted a comprehensive network-wide technical vulnerability assessment which encompasses the following elements:
-
External Penetration Testing
-
Internal Network Vulnerability Scans
-
Host-based scans (representative samples)
-
Review of Firewall, IDS and router security configuration
-
Web-application testing of Amtrak’s major ticketing system and credit card processing application
-
Wireless Scanning
-
“War dialing” to identify un-authorized/insecure modem connections among Amtrak’s 5000 phone lines
-
“Social Engineering” of selected technical service functions
-
Physical Security and Operations Security Review of a large call center and the main Data Center
Prior to embarking on this extensive effort, SeNet prepared a Test Plan and a detailed schedule. Test Plan was submitted to Amtrak for review and was approved prior to beginning of this effort. All activities were tightly coordinated with the AMTRAK Project Manager and systems operations staff. Tests of sensitive systems were conducted in non-prime business hours and in some cases on development environments or backup systems.
SeNet assisted AMTRAK in developing, procuring and implementing IT technical security controls, which enhance the organization's security posture. Examples of these controls are:
-
An Intrusion Prevention System (IPS) that supplements an existing Intrusion Detection System (IDS) with proactive elements allowing selective reconfiguration of security parameters in response to detected network and host anomalous activities
-
A security reporting and correlation system, which will provide a unified, consistent and correlated view of security alerts generated by various sources throughout the AMTRAK network, such as IDS, firewalls, routers, server operating systems, etc.
