Back to Blogs

Planes, Trains, Automobiles… And the Threat of Cyber-Attacks

Amir Levintal
Amir Levintal
CEO @ Cylus
Are different modes of transportation in the 21st century, equally exposed to hackers?
Planes, Trains, Automobiles… And the Threat of Cyber-Attacks

Cars have effectively become “computers on wheels.” They rely on a highly intricate network of software to operate, which also exposes them to potential hacks.

Planes, for their part, have already proven to be vulnerable to cyber-attacks, and are a high-quality target from the perspective of threat-actors.

Trains rank among the safest modes of travel, but no longer lag behind other modes of transportation in terms of growing exposure to risks in the cyber sphere.

In a way, planes and trains confront similar cyber-threats, as new connected technologies in both systems raise more and more cyber concerns. Both modes of transportation utilize equipment – including the trains and planes themselves – which have substantial lifespans, even up to 30 years. While built with physical safety in mind, cybersecurity was not a factor in the design of these legacy systems, leaving them vulnerable to attacks.

But while planes, trains, and automobiles face some common threats in the cyber sphere, trains come with their own unique vulnerabilities. As a result, cybersecurity for railways poses a complex challenge for all stakeholders.

On the Fast Track to Vulnerabilities

Railways are sophisticated systems, comprised of infrastructure and railroad cars that operate in synergy to keep the trains running smoothly. An attack on any of these components can cause the entire system to grind to a halt. For example, trains receive permission to move (“movement authority”) based on the movement of other trains along the track and the overall state of the infrastructure. If hackers insidiously insert a false “movement authority” into the system, trains could, for example, run much faster than the infrastructure would normally permit, triggering derailments and collisions.  

Trains don’t have steering wheels, but they are fully reliant on the route that the interlocking system – the system responsible for the safety of the movement on the tracks – allocates through switches along the tracks. Furthermore, as rail technology progresses, more interlocking systems are being converted to computer-based interlocking, meaning they are more connected, and therefore more vulnerable to penetration by malicious actors. If a computer-based-interlocking system is attacked by hackers, it will affect the synchronization between trains, switches and light signals along the rails. In the worst-case scenario, this might lead a train to enter into an occupied block, resulting in system-wide chaos and even life-threatening incidents such as collisions.

But rail vulnerabilities do not end at the cars or tracks. The wireless channels used by the signaling systems, as well as the remote monitoring and maintenance systems,  create an entirely new set of potential pathways for hackers to penetrate and wreak havoc.

What’s more, should any component of the rail infrastructure be compromised, rail networks employ standard failsafe mechanisms that shut down train movement automatically. From a safety perspective, this is a substantial benefit – a foolproof system which prevents mishaps and loss of life. But given this robust safety standard, intentional and repeated cyber-attacks – even minor ones – could mean a literal standstill in service.

An estimated 1.7 billion passengers travel by rail each year, with millions of commuters relying on smoothly functioning rail systems to get to and from work each day. The railways also provide the infrastructure for billions in annual commerce, making them, much like airplanes, highly appealing targets for malicious actors seeking to cause a high-profile impact.

Paving New Routes for a Safer Future

These threats have not gone unnoticed by regulators. Measures, such as the European Union’s Network and Information Systems (NIS) Directive, which requires EU member states to enact robust cyber regulations for critical infrastructure networks – including railways – are a positive step forward in addressing the cyber challenges confronting rail operators. It signals lawmakers’ growing awareness of the urgent need to erect potent defenses around such sensitive, highly connected systems.  

Today’s uniquely vulnerable networks controlling our intricate rail systems require tailored approaches to cybersecurity, with real-time monitoring, clear protocols for managing cyber risks and thwarting attacks, as well as ongoing information-sharing among key stakeholders. Anything less could derail public trust in the rail industry.

*This post was originally published in:

Originally published
December 4, 2018
December 4, 2018

Share this post