UK rail network suffered multiple cyber attacks last year
UK rail faced four major cyber-attacks over the past 12 months, according to British cybersecurity firm Darktrace.
Darktrace has been responsible for safeguarding much of the UK’s railway networks. While specific details of the four breaches haven’t been released, the belief is that hackers were conducting exploratory rather than disruptive attacks.
The threat of hackers causing damage to the rail network is, however, a possibility. Speaking to Sky News, Sergey Gordeychik – a security researcher at Kaspersky Lab in Moscow – said that if hackers were able to control signal lights they could “create real disaster”.
“Hackers can get access not only to simple things like online information boards or in-train entertainment, but also to computer systems which manage trains by itself, which manage signals, manage points, and in this case, if they have enough knowledge, then they can create real disaster related to train safety,” said Gordeychik.
It isn’t known exactly who is behind these attacks, although Gordeychik suggested that state-sponsored groups could infiltrate the network to collect intelligence. There’s also the chance, Gordeychik claimed, that in the case of warfare, these breaches could be used as a “cyber-weapon against civil infrastructure”.
Darktrace CTO Dave Palmer commented: “In an era of imperfect defences and increasingly complex networks, determined threats can always get in. Today, all businesses can be affected, regardless of size or sector.”
The report will be taken as warning about the rollout of digital networks across core infrastructure. While many aspects of the UK’s rail system remain analogue, an increasing portion relies on computer networks to communicate. In a statement, Network Rail – which isn’t a customer of Darktrace – emphasised that it takes cybersecurity very seriously.
“Britain has the safest major railway in Europe,” a spokesperson told The Telegraph. “Safety is our top priority, which is why we work closely with government, the security services, our partners and suppliers in the rail industry and security specialists to combat cyber-threats.
“Digital in-cab signalling is used safely and effectively by dozens of countries in Europe and around the world, and is similar to technology already in use on the Tube and other metro systems in this country.”
At the start of the year, US data-security firm PKWare issued a series of predictions about cybersecurity in 2016, including attacks on electrical grids and healthcare systems.
“Our infrastructure systems are antiquated for the most part,” PKWare’s CEO Miller Newton told me at the time. “They’ve been in existence for a very long time. Whether it’s our water systems or our electric systems, these are using old technology. All of the security in play in these organisations is based on paradigms that are no longer applicable today.”