Could hackers gain access to modern rail signalling equipment and cause serious crashes?
Network Rail has acknowledged that its plan to upgrade its ageing rail signalling system with a hi-tech alternative could pose a security threat.
Professor David Stupples, an expert in networked electronic and radio systems at City University in London and a government advisor has warned hackers could access the new system and potentially cause catastrophic train crashes.
The computerised new signalling system, known as ‘European Rail Traffic Management System‘ (ERTMS), is currently being tested in the UK, and is used in other parts of the world. Stupples told the BBC that the new computer-based signalling system could expose the rail network to cyber-attacks.
ERTMS will become operational by 2020, and is designed to take control of certain trains on busy routes in order to reduce the risk of a driver mistake.
“It’s the clever malware [malicious software] that actually alters the way the train will respond,” he was quoted as saying. “So, it will perhaps tell the system the train is slowing down, when it’s speeding up.”
“Governments aren’t complacent”, the professor added. “Certain ministers know this is absolutely possible and they are worried about it. Safeguards are going in, in secret, but it’s always possible to get around them.”
Stupples claimed he had spoken up to raise awareness of the threat, and he has warned that while ERTMS is well protected against outside attack, there is a risk from a rogue insider.
He added that part of the reason that transport systems had not already been hacked as frequently as financial institutions and media organisations was that much of the technology involved was currently too old to be vulnerable. Essentially, our train signalling is mostly mechanical, and hence cannot be accessed by hackers.
“We know that the risk [of a cyber-attack] will increase as we continue to roll out digital technology across the network,” a Network Rail spokesman told the BBC. “We work closely with government, the security services, our partners and suppliers in the rail industry and external cybersecurity specialists to understand the threat to our systems and make sure we have the right controls in place.”
A number of security experts have agreed that transportation systems are potentially vulnerable.
“Whether we’re talking planes, cars or trains, nobody wants to take risks with passenger safety and a piece of malware designed to target transport systems could be potentially catastrophic in the right environment,” said Chris Boyd, malware intelligence analyst at Malwarebytes.
“Having said that, these systems are designed with redundancy in mind and if a ‘rogue employee’ was going to try and intentionally infect the underlying technology, the trail would lead back to them quite quickly.
“We may as well ask why they wouldn’t just perform a malicious act without the aid of an advanced piece of malware. We could also debate the likelihood that someone with access to these systems would obtain malware like this, or understand how to use it. Developers of attacks such as these certainly wouldn’t be giving them away, and I suspect a rail worker probably couldn’t afford it – never mind find where it would be on sale in the first place.”
And Chris McIntosh, CEO of ViaSat UK, also highlighted the need to protect critical infratructure.
“Network Rail is once again demonstrating the key security issues facing critical infrastructure, whether railways or nuclear power plants,” said McIntosh. “As such infrastructure becomes a more tempting target for either sabotage or blackmail, so the modernisation of communications systems provides far more avenues of entry for potential attackers. We’ve already seen this in the energy industry, where replacing dedicated lines of communication with internet-based access to multiple end points, such as smart meters, has opened up new lines of attack.
“While the rail signals network will have fewer potential points of entry than the energy infrastructure, the same lessons still apply.Organisations should assume that any technology that can be hacked, has been hacked and plan accordingly. This means monitoring systems to ensure that any potential attack is swiftly identified and quashed. It also means encrypting data so that potentially harmful information cannot be stolen and used down the line (excuse the pun). And finally it requires having fail-safes and backups in place so that the effects of an inevitable attack will be minimised, and in order to support a rapid return to normal service provision.”
The frequency of hacking attacks nowadays does seem to be increasing. But it is the threat to vital infrastructure that is causing real headaches for government security officials and law enforcement teams.
Last week, the US Government Accountability Office warned that in-flight Wi-Fi could be used by terrorists or other hackers to take control of an aircraft’s avionic systems.
And one of the world’s foremost experts on counter-threat intelligence within the cybersecurity industry, Chris Roberts, of Colorado-based One World Labs, was hauled off a commercial flight last week and detained by the FBI after he warned about the vulnerabilities associated with in-flight technology. Roberts has also been banned from flying with United Airlines.
Hackers thus already have the ability to pose real life risks by attacking infratructure.
In December a blast furnace in Germany suffered “massive damage” after a cyber attack on its computer network. And in the same month a hacker managed to hack into the systems of a nuclear power plant in South Korea.
Are you a security pro? Try our quiz!