Sitting down with Amir Levintal, CEO and co-founder of Cylus, was the highlight of Safety Detective’s Aviva Zacks’ day. She found out how CylusOne keeps trains working smoothly.
Safety Detective: How did you get into cybersecurity and what do you love about it?
Amir Levintal: My experience in cybersecurity began with my military service. I served in the Israel Defense Force’s Elite Technological Unit as the Director of the Cyber R&D Division, where I managed highly skilled teams who developed cybersecurity, software, and hardware projects.
I enjoyed my service and wanted to apply my expertise to a market that was facing increasing vulnerability to hackers — hackers with the potential to cause extensive damage in an area that hasn’t yet achieved an adequate level of cybersecurity. Together with my friend and fellow veteran of my military unit, Miki Shifman, I became aware of the increasing complexity and connectivity of trains and metros and hence their increased vulnerability to cyber-attacks. Combining our know-how and expertise, we decided to develop a software-based cybersecurity solution to help protect the rail industry.
Train safety and security is a vital component of a country’s economy and the lives of its citizens. Hundreds of millions travel by train and metro every day. Trains also transport hundreds of millions’ worth of goods on a daily basis. In recent years, the rail industry has undergone a transformation, becoming more digitized and connected. Cylus was founded as a result of this recent disruption in the industry. Our goal is to protect the railways from growing cyber threats by detecting and, as a result, putting a stop to malicious activities in rail signaling and control networks.
SD: How does CylusOne work?
AL: CylusOne enables early detection of malicious activity in rail rolling stock and signaling systems, facilitating a timely and effective response before any harm is done. The solution can also perform a technical forensic investigation to quickly resolve open issues (i.e. determining whether it is a technical problem or a malicious attack) and find the source of the threat.
CylusOne keeps trains secure by continuously monitoring what takes place in the network, alerting when systems are compromised and determining how to respond effectively to a cyber-attack. Although the software itself is complex, the CylusOne user interface allows for complete visibility into the network, so rail operators are equipped with a comprehensive view of the network at work, in real-time.
SD: What types of enterprises use Cylus’ services and why?
AL: Cylus works with rail agencies, infrastructure managers and train operators throughout the world. Cylus works proactively to provide cybersecurity to the rail industry because as railways across the globe undergo digital transformation and integrate a host of connected technologies, they are becoming more vulnerable than ever to cyber-attacks.
SD: What cyberthreats should people be concerned about today?
AL: Increased connectivity creates increased vulnerability across industries. With new technologies being integrated into rail systems – i.e. control systems, remote monitoring, remote maintenance, passenger Wi-Fi and other digital technologies and services – rail is becoming increasingly vulnerable, with safety-critical assets more and more exposed to malicious hacks.
Rail agencies have already been affected by ransomware, DDoS, and phishing attacks, as well as attacks on the signaling networks. Attacks like these have caused massive disruption to operations and hold the potential for even greater harm to passenger safety, as well as severe economic and reputational damage.
SD: How do you see the cyber threat landscape developing in the next five years?
AL: In the coming years, I expect to see a rise in targeted attacks on the rail industry. For threat actors, trains are a high-quality target and, unfortunately, the growing number of cyber-attacks on rail companies in recent years suggests that we may experience even more sophisticated cyber-attacks in the future.
In recent years there has been heavy investment in the rail industry into digital technologies for efficiency, safety, and passenger convenience. However, until now, no comprehensive cybersecurity solution has been developed to keep passengers and trains secure.
The ability to detect cyber-attacks and make accurate assessments is critical to the future of transportation, but there are no “one-size-fits-all” solutions – and rail cybersecurity is no exception. Only solutions designed specifically to protect systems and technologies unique to the rails can ultimately keep our trains and metros safe and secure; generic solutions cannot provide such comprehensive protection. Our company combines deep expertise in cybersecurity and rail to meet the specific needs of the rail industry.