UK train services could be vulnerable to being hacked, hijacked and crashed, due to the trial of new digital signaling system designed to make lines safer, reports ITV.
According to government advisor Professor David Stupples, the new European Traffic Rail Management System (ETRMS) could be targeted by hackers and exposed to malicious software which could result in an accident. The system – which is being implemented by Network Rail and expected to be operational in the 2020s – is designed to replace aging signal lights, using computers to transmit critical information live from the tracks.
“It’s the clever malware that actually alters the way the train will respond,” Stupples told the BBC. “So, it will perhaps tell the system the train is slowing down, when it’s speeding up.”
The internet security expert said that the ETRMS is well protected from outside attacks, but warned that the greatest threat is posed by insiders. Stupples noted that a Network Rail employee, either through a bribe or acting on general dissatisfaction, is the most likely way malware would get into the system.
“Governments aren’t complacent,” the professor added. “Certain ministers know this is absolutely possible and they are worried about it. Safeguards are going in, in secret, but it’s always possible to get around them.”
Network Rail has said that it acknowledges the threat, and is working with government, security services, partners and suppliers in the rail industry to understand the risks and protect its passengers.
As transport systems become more reliant on computers and the internet to operate smoothly, new vulnerabilities are being analyzed by governments and industry bodies. Just last week, a US government watchdog warned that the adoption of modern technology in airplanes could allow hackers to access flight controls over public WiFi.
by Kyle Ellison, ESET