Trains controlled by European Rail Traffic Management System could potentially be hacked

Pierluigi Paganini April 25, 2015

The European Rail Traffic Management System is a signalling system that will control all the Britain’s trains and it could potentially be hacked.

By increasing the penetration level of the technology in our ordinary life, we are increasing our surface of attack. We have discussed many times about the risks for critical infrastructure, but threat actors can impact our everyday life by hacking cars, planes and even drones.

Now hackers are looking with increasing interest at the hacking of trains, a new hi-tech railway signalling system European Rail Traffic Management System being tested in the United Kingdom could potentially be hacked by threat actors with serious consequences. An attacker can crash the train, for example, interfering with control on board by manipulating parameters such as the speed.

The European Rail Traffic Management System (ERTMS) is a platform
supported by the European Union to develop a standard for train control and command systems.

European Rail Traffic Management System train

The principal problem of the European Rail Traffic Management System is the lack of security that allow hackers to compromise the systems and cause serious problems, including the loss of human lives.

The European Rail Traffic Management System is used in several countries worldwide, and fortunately, there are no reported cases of it being hacked.

The security expert Professor David Stupple raised the alarm related to the new European Rail Traffic Management System, in an interview with the BBC he highlighted that new systems could be hacked by attackers.

“It’s the clever malware [malicious software] that actually alters the way the train will respond,” Prof. Stupple explained. “So, it will perhaps tell the system the train is slowing down, when it’s speeding up.” “Governments aren’t complacent,” “Certain ministers know this is absolutely possible and they are worried about it. Safeguards are going in, in secret, but it’s always possible to get around them.

On the other hand, the Department of Transport confirmed the threat for national trains.

“We keep security arrangements under constant review to take account of the threat and any new challenges we face,” responded a spokeswoman for the Department of Transport.

“We know that the risk [of a cyber-attack] will increase as we continue to roll out digital technology across the network,” a spokesman told the BBC.

“We work closely with government, the security services, our partners and suppliers in the rail industry and external cybersecurity specialists to understand the threat to our systems and make sure we have the right controls in place.”

Operators and the government entities are working together to increase the level of security by implementing better security measures to mitigate cyber threats.

According to the professor Stupple, the European Rail Traffic Management System is resilient to cyber attacks from outside, but dangers could be caused by insiders.

“The weakness is getting malware into the system by employees,” the professor explained. “Either because they are dissatisfied or being bribed or coerced.”

The Network Rail, which is working with the new train line upgrade confirmed the risks related to the threats. In order to prevent incidents and data breach it is necessary the collaboration of any actor in the railway industry and cyber-security experts.

One of the greatest challenges for the sector is the definition of a system resilient to the cyber attacks, even when they come from insiders. Prof Stupples explained he was working with Cranfield University on the development of a new generation of security systems that would trigger an alert if a train was acting oddly, and restores a safe operation.

“It would take it back into a safe state,” he said.

Pierluigi Paganini

(Security Affairs –  train hacking, security)

you might also like

leave a comment