The risks of cyber attacks on modern railway security

Alex Mathews, Head of Technology EMEA at Positive Technologies talks to Security Buyer about the recently reported cyber attacks on UK railways over the last year.
“At the heart of any modern railway infrastructure lie microprocessor-based railway control systems. They employ object controllers that manage traffic lights, track circuits, switchgear, and rail crossings.
“If hackers manage to gain unauthorised access to such systems and bypass functional protection mechanisms, they may perform a wide variety of actions like throwing points under a train or falsifying data on track occupancy, making busy tracks looks like vacant ones and vice versa. Consequences of such actions may include not only financial losses (railway tracks not used or derailing of a freight train due to misleading signaling that points to a dead-end), but also a human toll (trains colliding due to spoofed traffic light signalling).
“Positive Technologies experts pay close attention to the issue of railway infrastructure security and carefully study existing ICS vulnerabilities to design protection systems to counter these threats. During the last several years, the specialists discovered dozens of high severity vulnerabilities and attack vectors that may directly affect industrial security of railway transportation, which was demonstrated at Positive Hack Days, the international conference on practical cybersecurity. The forum featured a model railway where all its elements including trains, level crossing gates, and traffic lights were managed by an ICS.
“The forum participants were suggested to perform a number of tasks that showcase possible consequences of hacker attacks on railway infrastructure objects. The competition demonstrated that hacking industrial systems some of which were designed without any regard to cybersecurity standards is a task easy enough even for beginners.”