UK Railway Network Vulnerable to Hackers, Finds Researcher

The United Kingdom’s railway network is vulnerable to hackers and targeted attacks, finds a security researcher.

Sergey Gordeychik, a security researcher at Kaspersky Lab in Moscow, told Sky News he’s found weaknesses in the UK’s rail infrastructure that hackers could exploit to target the digital systems controlling trains:

“Hackers can get access not only to simple things like online information boards or in-train entertainment, but also to computer systems which manage trains by itself, which manage signals, manage points, and in this case, if they have enough knowledge, then they can create real disaster related to train safety.”

Private security firm Darktrace detected four major attacks against the United Kingdom’s railway network over the last year.

Those attacks are thought to have been state-sponsored and exploratory–not disruptive–in nature, but that could change if other types of actors decided to scan the digital systems controlling the UK’s rails for vulnerabilities.

Professor David Stupples, an electronic warfare expert, elaborates on that point:

“What we have to worry about is terrorism. Because the terrorist might want to attack the railway or indeed any of our infrastructure to cause death, mayhem, but also to make a name for themselves, make certain their terrorist organisation is known.”

Network Rail, the owner of most of the rail infrastructure in the United Kingdom, is actively working to mitigate the threat of a digital attack against the country’s railway network.

Specifically, it is introducing the European Rail Traffic Management (ERTMS) system, which will help modernize signalling infrastructure in the United Kingdom.

“Britain has the safest major railway in Europe and cyber security is a key part of our plan for introducing digital train control technology,” Network Rail said. “Safety is our top priority, which is why we work closely with government, the security services, our partners and suppliers in the rail industry and security specialists to combat cyber threats.”

A Department of Transport spokesperson echoed those thoughts: “We are working with industry to ensure that all risks to the rail network and other infrastructure are minimized.”

News of these weaknesses in the UK railway network follow several months after attackers leveraged BlackEnergy malware to cause power outages in Ukraine.