Advances in switching technologies have exposed rail networks to the simplest form of cyber attacks that could be launched by inexperienced teen hackers.
Knowing how to trigger a denial of service attack could halt train services, warns a German security expert, thanks to mobile phone signals that are used to link railway switching systems together.
Denial of service campaigns are one of the simplest forms of cyber attack, where hackers recruit large numbers of computers to overwhelm the targeted system with Internet traffic.
Stefan Katzenbeisser, professor at Technische Universität Darmstadt in Germany, said switching systems were at risk of denial of service attacks, which could cause long disruptions to rail services.
“Trains would not crash, but service could be disrupted for quite some time,” said Katzenbeisser.
Katzenbeisser said GSM-R – standing for GSM-railway – a mobile technology used for train communications, is more secure than the usual GSM, used in phones. But it’s still vulnerable to hackers who manage to lay hands on one security key, the Daily Mail reported.
The attacks require far less skill than penetrating a computer network or writing malicious software. Hackers have used the approach to attack government and business sites worldwide.
Train switching systems, which guide trains from one track to another marshalling yards, have historically been separate from the online world, but communication between trains and switches is handled increasingly using wireless technology.