Reports say that the UK railway network has suffered at least four major cyber attacks over the last year alone. And experts have warned that the digital systems controlling trains are vulnerable to hackers, who could cause injury or death in the real world.
Sergey Gordeychik, a security researcher at Kaspersky Lab in Moscow, has discovered several weaknesses in rail infrastructure. He told Sky News: “Hackers can get access not only to simple things like online information boards or in-train entertainment, but also to computer systems which manage trains by itself, which manage signals, manage points, and in this case, if they have enough knowledge, then they can create real disaster related to train safety.”
The four recent attacks on UK rail were discovered by Darktrace, a private security company which guards much of the UK rail network. Darktrace CTO Dave Palmer said “there is no such thing as perfect security – attacks are inevitable so companies should be ready to detect them and respond.” Although hackers have infiltrated networks – including rail infrastructure itself – these breaches have been exploratory rather than disruptive.
We see at the moment that state sponsored attackers are already inside critical infrastructure,” Mr Gordeychik said. “So they have access, they monitor, they collect intelligence but they don’t try to create a disaster. Why? I believe that they don’t have the order at the moment. But in case of any maybe warfare, it can be an option to use cyber weapon against civil infrastructure. And this is scary.” As more devices are connected to the internet, digital attacks are leading to real world consequences.
In December last year, power stations in Ukraine were taken offline following a hack.