With more than 400 billion passenger kilometers per year in Europe, an EU report notes that railways are a critical infrastructure that must be properly protected. In total, almost 1/3 of the world’s population moves daily by train.
In India alone there are 700 stations with Wi-Fi, which means that there are 8 million people connected. The other Asian giant goes even further. Recently the Shanghai Hongqiao train station began operating with a sufficient 5G Wi-Fi network to download a high-definition movie in less than 20 seconds. However, the measure has raised concerns about how this new network can play in the growing trend of railway and metropolitan cyber attacks.
Hongqiao Station is one of the largest passenger distribution centers in Asia, with more than 60 million passing through it every year, representing around 330,000 users per day. Once fully operational, the new system will see travelers benefit from faster speeds and less congestion on the mobile network. But also a greater danger of vulnerability.
What is the problem? We should speak in the plural but can be summarized in three points.
1) Those responsible continue to use software for which manufacturers no longer provide security patches.
2) Use encrypted passwords for remote systems
3) Engineering systems are not isolated from passenger entertainment systems, which could provide hackers access to critical systems.
An independent analysis of these types of structures found more than 20 weaknesses that hackers could use to fire emergency brakes, derailments or crashes.
Another example is the well-known HoneyTrain Project experiment that sought to determine the extent of threats against rail systems. For this, a virtual railway infrastructure was configured, with the same protection measures as the real ones, which the attackers could access.
In just six weeks, they recorded 2,745,267 attacks and in almost 300,000 of them achieved control, although limited, over different systems. Ransomware attacks have also turned rail systems into targets, such as the attempted extortion in the San Francisco system and another in the German train network, the Deutsche Bahn.
The set became such a desirable target for criminals and terrorists, that Al Qaeda has issued online instructions to teach ways to derail trains and to which railway lines to target.
Thus, it is not surprising that the cybersecurity market in trains will be worth more than € 10 billion in 2027, twice as much today.
To understand how important these threats are, we speak with Miki Shifman, one of the founders of Cylus, a pioneer in the development of specific cybersecurity for rail networks. “In this context – explains Shifman – we are as strong as the weakest link. As the rail industry continues to adopt more automated, wireless and connected technologies, both on land and on board, critical assets are increasingly exposed to malicious cyber attacks. The fact that many companies continue to rely on legacy technology, commercial components and third-party providers also compromises their security, creating many attack vectors. Security flaws allow hackers to access the entire rail network.