Categories: HackingSecurity

Trains controlled by European Rail Traffic Management System could potentially be hacked

The European Rail Traffic Management System is a signalling system that will control all the Britain’s trains and it could potentially be hacked.

By increasing the penetration level of the technology in our ordinary life, we are increasing our surface of attack. We have discussed many times about the risks for critical infrastructure, but threat actors can impact our everyday life by hacking cars, planes and even drones.

Now hackers are looking with increasing interest at the hacking of trains, a new hi-tech railway signalling system European Rail Traffic Management System being tested in the United Kingdom could potentially be hacked by threat actors with serious consequences. An attacker can crash the train, for example, interfering with control on board by manipulating parameters such as the speed.

The European Rail Traffic Management System (ERTMS) is a platform
supported by the European Union to develop a standard for train control and command systems.

European Rail Traffic Management System trainEuropean Rail Traffic Management System train

The principal problem of the European Rail Traffic Management System is the lack of security that allow hackers to compromise the systems and cause serious problems, including the loss of human lives.

The European Rail Traffic Management System is used in several countries worldwide, and fortunately, there are no reported cases of it being hacked.

The security expert Professor David Stupple raised the alarm related to the new European Rail Traffic Management System, in an interview with the BBC he highlighted that new systems could be hacked by attackers.

“It’s the clever malware [malicious software] that actually alters the way the train will respond,” Prof. Stupple explained. “So, it will perhaps tell the system the train is slowing down, when it’s speeding up.” “Governments aren’t complacent,” “Certain ministers know this is absolutely possible and they are worried about it. Safeguards are going in, in secret, but it’s always possible to get around them.

On the other hand, the Department of Transport confirmed the threat for national trains.

“We keep security arrangements under constant review to take account of the threat and any new challenges we face,” responded a spokeswoman for the Department of Transport.

“We know that the risk [of a cyber-attack] will increase as we continue to roll out digital technology across the network,” a spokesman told the BBC.

“We work closely with government, the security services, our partners and suppliers in the rail industry and external cybersecurity specialists to understand the threat to our systems and make sure we have the right controls in place.”

Operators and the government entities are working together to increase the level of security by implementing better security measures to mitigate cyber threats.

According to the professor Stupple, the European Rail Traffic Management System is resilient to cyber attacks from outside, but dangers could be caused by insiders.

“The weakness is getting malware into the system by employees,” the professor explained. “Either because they are dissatisfied or being bribed or coerced.”

The Network Rail, which is working with the new train line upgrade confirmed the risks related to the threats. In order to prevent incidents and data breach it is necessary the collaboration of any actor in the railway industry and cyber-security experts.

One of the greatest challenges for the sector is the definition of a system resilient to the cyber attacks, even when they come from insiders. Prof Stupples explained he was working with Cranfield University on the development of a new generation of security systems that would trigger an alert if a train was acting oddly, and restores a safe operation.

“It would take it back into a safe state,” he said.

Pierluigi Paganini

(Security Affairs –  train hacking, security)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Operation RapTor led to the arrest of 270 dark web vendors and buyers

Law enforcement operation codenamed 'Operation RapTor' led to the arrest of 270 dark web vendors…

22 hours ago

Chinese threat actors exploited Trimble Cityworks flaw to breach U.S. local government networks

A Chinese threat actor, tracked as UAT-6382, exploited a patched Trimble Cityworks flaw to deploy…

1 day ago

U.S. CISA adds a Samsung MagicINFO 9 Server flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Samsung MagicINFO 9 Server vulnerability to its…

1 day ago

New Signal update stops Windows from capturing user chats

Signal implements new screen security on Windows 11, blocking screenshots by default to protect user…

2 days ago

Law enforcement dismantled the infrastructure behind Lumma Stealer MaaS

Microsoft found 394,000 Windows systems talking to Lumma stealer controllers, a victim pool that included…

2 days ago

Russia-linked APT28 targets western logistics entities and technology firms

CISA warns Russia-linked group APT28 is targeting Western logistics and tech firms aiding Ukraine, posing…

2 days ago