DutchRailnut wrote:it would still have shown on event recorder and there is still a panic button in cab that shuts entire locomotive down.
believe me, we would have known by now.
Not necessarily. To quote Scotty from "Star Trek: The Search for Spock"
The more they overthink the plumbing, the easier it is to stop up the drain.
Very typically in many computerized systems (especially ones not necessarily designed from the ground up to be secure) there's nothing special about logging and a skilled hacker very commonly will alter the logs to hide their traces.
Now, I know nothing about the panic button, but if, like is unfortunately too common in some systems it is tied into the computer and causes the computer to initiate a shut-down, that too can be hacked to do something other than a shutdown. This is where you want to seriously consider a button that physically cuts the system so there's really only one failure mode.
From what I've read and my background, I suspect the FAA and others are really downplaying the state of the art in airliner cases. Of course some of us said this 5+ years ago (or whenever the first articles discussing the lack of an airgap on the 787's systems was first brought to light.)
The problem with computer security is the hacker only needs to be right once, the folks protecting the systems have to be right every single time.
Now, fortunately most hackers won't go after SCADA and SCADA type systems because there's not much money there. (They'd rather hack and get your passwords and CC# ).
Unfortunately, the folks who DO target SCADA systems are state and major non-state players who aren't in it for the money (and have a LOT of money to back them).
An example of this is the Stuxnet virus, which was designed to target a very specific target that was airgapped.
I'll point out that Stuxnet is a minimum of 5 years old at this point and there's a LOT of evidence the state of the art in attacks has gone well past this now.
So, if it was a kiddie-script hacker, it's unlikely they'd have made it in, and if they did, you're right, there would almost certainly leave behind evidence.
However, the lack of evidence does not necessarily mean anything either.
That all said, I HIGHLY doubt that this particular incident was computer related and agree that at this time there is ZERO evidence to support such a leap. That said, don't be surprised if sometime in the next decade we see a state or non-state player attack on parts of our transportation infrastructure.
Check out
QuiCR, Quick, Crowdsourced Responses for businesses.