http://www.dot.state.ga.us/DOT/plan-prog/intermodal/rail/images/NATIONAL_RAIL_MAP2.jpg

Possibly the largest, and probably most obvious, vulnerabilities to railways is the sheer amount of railroad tracks around the country. There are over 100,000 miles of rail in the United States . The extensiveness of the infrastructure creates an infinite number of targets for terrorists (GAO Report). Since the majority of these tracks are publicly owned, large sections go entirely unmonitored. One of the major problems with this vulnerability is that it is physically impossible to monitor every inch of railroad track at any given time. It just can’t be done. This leaves hundreds of miles of railroad open for terrorist attack.

Points Where Cargo Is Transferred

Image obtained from: http://www.tandler.co.uk/boat.jpg

Another vulnerability posed to railways is at points of which cargo is transferred from one mode of transportation to the other. The issue of port and border security extends far beyond the issue of rail security, although railroads, by virtue of the facts that they carry millions of containers unloaded from or loaded onto steamships each year and move hundreds of thousands of railcars and intermodal units across the Canadian and Mexican border each year, are certainly impacted (AAR Hearing). The sheer number of cargo loaded onto trains makes it physically impossible to actually examine each freight container. This makes it extremely hard to be positive no dangerous materials have made it onto trains they shouldn’t be on.

An example of this vulnerability is when cargo is taken from a cargo ship at a port and then placed on a freight train for land transportation. Even if proper railway security is in place, vulnerabilities may still arise if the security at the port allowed for possibly harmful cargo to get through its own security measures. In this case, the security of the railway is directly affected by the security of other modes of transportation such as the cargo ship and port security.

Train Schedule Databases

Another huge security vulnerability that must be addressed is that of databases containing schedules for shipment of sensitive materials. Schedules of what shipments are going where, and what they contain are kept of trains so that they can get to where they are going efficiently. However, if access to these databases is gained by someone who is not supposed to have that information, a huge security breach could arise.

If terrorists get access to schedules for hazardous material shipments, they would be able to coordinate a terrorist attack accordingly. Access to such information would allow them to know exactly where a train will be at exactly what time. This could allow for terrorists to set explosives on a track that they know a hazardous materials shipment is going to be using. This also provides terrorists with opportunities to hijack trains in areas where they know security is lax.

Information for this section was gathered from: http://www.aar.org/Rail_Safety/Rail_Security_plan.asp

Train Station Lack of Security

Image obtained from: http://www.marblevenus.net/Cecile's%20material/instant%20train%20station.jpg

A vulnerability unique to passenger trains is that they are constantly making highly predictable scheduled stops along the way to their destination. This makes it very easy for terrorist to know exactly where a train is going to be, and how to get to it. People are free to board and exit the train at each stop along the way. Unlike in airports, there are no secure areas in which all passengers must pass through designated security stations to get to. People are free to come and go as they please, and that poses a severe problem in terms of ease of access for terrorists.

The nature of this vulnerability is inherent within the design of passenger trains themselves however. Train stations require that passengers be able to quickly board and exit trains. With extensive security measures in place, such as security checkpoints that passengers must go through, passenger train companies are likely to lose business. If boarding a train became too much of a hassle, passengers would be more likely to simply drive somewhere, or take other means of transportation like a bus or plane.

Information for this section was gathered from: http://www.fas.org/sgp/crs/homesec/RL32625.pdf

Ambiguity in Who Is Responsible For Security

The last major vulnerability with railway security is that the United States does not have one specific agency that deals with the security of its railways. In fact, it actually has over four separate agencies working on implementing security to difference aspects of the railway system. According to the GAO Report, the Transportation Security Administration, Federal Railroad Administration, Federal Transit Administration, and the Research and Special Programs Administration are all partially responsible for railway security.

This poses a problem, because with the agencies working separate of one another, the possibility for gaps in security arises. If each agency thinks that the others have already thoroughly covered a particular vulnerability, it is possible that none of them will actually put in the time and work necessary to fully secure that vulnerability.

                Another costly problem with not having a specific agency responsible for railway security is that certain security aspects that are completely secure may be covered multiple times by multiple agencies. On the surface this seems like a good thing, because we are positive that that aspect is entirely covered. However, if you look at the financial costs of repeatedly covering the same security aspects multiple times, it becomes obvious that a large amount of funds are wasted that could be used on securing other vulnerabilities.

Information for this section was gathered from: http://www.gao.gov/new.items/d04598t.pdf

Major Likely Forms of Attack Aimed at Railways

The major forms of attack that are likely to be aimed at railways can be narrowed down to three subgroups. The purpose of this section is to identify what constitutes an attack in each of these subgroups, as well as elaborate on possible real world implementation of each subgroup.

Destruction of Trains and/or Railways Themselves

Image obtained from: http://www.lampholderpub.com/Graniteville.S.C.1-8-05trainwreck.EPA.gov.jpg

In this particular subgroup, the primary objective of an attack would be to cause as much destruction and damage as possible to anyone onboard, and within the immediate vicinity of a train. This can be accomplished by in many ways. The first way I will discuss is through the use of bombs on the actual trains themselves.

A bomb could be placed on either a passenger train, or a freight train carrying a number of different cargos. Due to vulnerabilities in the security of actual train stations, a terrorist could place a bomb on a train and detonate it at any point while the train is in transit to its destination. Prime targets for this type of attack would be passenger trains containing a large number of passengers, as well as trains containing shipments of hazardous materials. The latter of which would most likely be detonated while the train is close to a highly populated area, such as a major city or town.

Another way that terrorists could destroy a train is through making an attack with the intent to derail the targeted train. This type of attack could be orchestrated by destroying important sections of railway along a trains designated path. An example of this would be if a terrorist destroyed a bridge along a trains path before the train would have enough time to effectively stop, resulting in a derailment. An destroying a bridge like this over a waterway could be extremely destructive if the trains cargo is hazardous and ends up seeping into the water, which would result in a massive amount of pollution or contaminated water supply.

An example of the contamination of a water supply by derailment is clearly illustrated below. The railroad tracks in this picture go right around this local water supply in Altoona, PA. A derailment of a train containing toxic chemicals would be catastrophic.

Image obtained from: http://www.railroadcity.com/hc/index.php

Attacks with the aim of derailing and/or destroying a train can also come in the form of attacks made at railroad crossings. Examples of this could be by parking large vehicles filled with explosives on a railroad crossing, or even driving a an explosive filled or large vehicle into the side of a train as it passes over a railroad crossing. If orchestrated properly, the effects could be extremely damaging to any local cities or towns if chemicals or other hazardous materials are present on the train. An attack like this on a passenger train could also cause a sever loss of life.

Hi-jacking of Trains

In this type of attack a train’s contents is of some value to the terrorists or criminals. These contents could include chemicals which could be used as weapons, biological weapons, or in the case of a military shipment, military weapons and supplies. This type of attack sounds like something out of a movie, but it could in fact be orchestrated in a real life scenario. With information on when and where a train containing a shipment of interest, terrorist or criminals could use the resources available to them to infiltrate trains in transit and effectively hijack them.

Hijackings could be particularly effective on trains that have little or no physical security on the trains themselves. An instance of this would be if a shipment of hazardous materials was only operated by a few conductors in the front car. Once on board, hijackers could easily eliminate the few conductors’ and then have full control of the train. With control of the train, and due to the vast amount of railroad tracks around the country, the hijackers could stop the train in a deserted area and make away with their cargo of interest.

Breaching Railway Databases

            The last form of a possible attack on railways comes in the form of breaching confidential railway databases to obtain top secret information. This type of attack can be conducted either by hacking into an electronic database housing the sensitive information, or by physically obtaining the information from an onsite source. Once the information is obtained it would be more than likely sold to or used by terrorists to conduct either the first or second type of attack mentioned previously.

Breaching railway databases in the previously mentioned way can actually be thought of as a preliminary step to the first two forms of attack. The reason for this is because obtaining information on hazardous material shipments allows for terrorists to better orchestrate an attack on a target, because they will know what it is carrying and where it will be.

Another type of attack that could be used involving railway databases is data alteration. If someone were to access sensitive databases they could have the ability to alter the time tables of when certain trains will be on certain tracks. A variety of vulnerabilities could arise from this. A prevalent example of this would be if someone were to make it seem as though a particular track was clear, when it actually already has a train using it. This could cause anything from head on collisions to extreme confusion as to what trains are actually where they are supposed to be.

All of the attacks mentioned on this page are hypothetical situations our group came up with and were not taken from any specific texts; however, the ideas were influenced by the following articles and reports:

The CRS Report for Congress - Passenger Rail Security: Overview of Issues

http://www.fas.org/sgp/crs/homesec/RL32625.pdf

The GAO Report on Rail Security

http://www.gao.gov/new.items/d04598t.pdf

The AAR Hearing on Rail Security

http://www.aar.org/PubCommon/Documents/Testimony/Oct%2020%20AAR%20Security%20Testimony.pdf