Thousands of lives at risk; rail system could be susceptible to catastrophic hack attacks using the vulnerability in the new rail traffic system

It is a well known fact that any ‘smart’ device can be hacked and every technology has some kind of vulnerability. This is can mean damage and loss of personal information in case of smartphones and PC but when there is a vulnerability in a high-tech train signalling system and it gets hacked, that potentially means a crash and 1000s of human casualties.

A new hi-tech railway signalling system being tested in the United Kingdom could potentially be hacked by cyber criminals to cause oncoming trains to crash into one another at high speeds, Prof David Stupples has warned.  His warning comes at a time when the United Kingdom is looking to replace its ageing and old signalling system and is looking to test the European Rail Traffic Management System (ERTMS).

Internet security expert Professor David Stupple told the BBC that plans to replace old railway signal lights with new digital systems could expose the railway network to cyber attack, Prof Stupples believes a hack can cause a “nasty accident” or “major disruption”accident” to involving terrorists and cyber criminals as they could “easily expose the new mainframe.”

“It’s the clever malware that actually alters the way the train will respond,” Stupple said. “So, it will perhaps tell the system the train is slowing down, when [it is] speeding up.”

Commenting on the issue, Piers Wilson, Product Manager of Huntsman Security said that;

“it will be critical for Network Rail to react quickly and effectively when necessary to prevent damage or the harmful effects of faults that are introduced into train control and signalling systems. The challenge will be spotting that the attack has actually happened before the effects (in the real world) are apparent.”

BBC has reported that rail operator, Network Rail, which is in charge of the upgrade has acknowledged the threat. “We know that the risk [of a cyber-attack] will increase as we continue to roll out digital technology across the network,” the Network Rail spokesman told the BBC.

“We work closely with government, the security services, our partners and suppliers in the rail industry and external cybersecurity specialists to understand the threat to our systems and make sure we have the right controls in place.”

The ERTMS which is currently in testing phase will replace the old and ageing signalling system in UK’s busy intercity routes by 2020.  Once set up, the ERTMS will control complete rail networking including the speed of trains and their braking times.

The ERTMS is already in use in some parts of Europe and there are no reports of it being hacked or taken over by terrorist thus far.

Professor Stupples, who is an expert in networked electronic and radio systems at City University in London, however is not so sure.“It’s the clever malware that actually alters the way the train will respond,” he explained. “So, it will perhaps tell the system the train is slowing down, when it’s speeding up.”

“As such, we would recommend that Network Rail implements rigorous security measures as part of its upgrade. Network security alone will not be enough; it will be essential to have always-on, continuous monitoring and recording on every endpoint. Protecting each endpoint device in this way not only allows organisations to detect any breach much faster, but the replay will allow them to track the ‘kill chain’ left by successful attackers, to better understand the level of risk exposure and defend against future threats.”