10/12/2017 / By Tracey Watson
Terrorists have already proved their interest in using the British rail and underground system to create havoc. A blast on a packed commuter train on September 15, 2017, caused panic and left several people injured. Commissioner Neil Basu, the senior national coordinator for counter-terrorism policing, called the blast a terrorist incident and this was confirmed by the mayor of London, Sadiq Khan. In spite of this increasing threat, the British government is making an already vulnerable system even less secure by installing digital signaling on the line between Manchester and York – a type of system that is vulnerable to cyber-attack.
In November 2016, during the government’s Autumn Statement, a $607 million fund was announced for the development of digital railway systems. $6.75 million of this has been allocated to Network Rail for the planning and development of the Manchester–York digital signaling line. The government believes that going digital in this way will increase both the capacity and reliability of the line.
Digital train signaling allows trains to run much more closely together, and this technology has already been implemented in London’s underground system.
However, Dr. Alexeis Garcia-Perez, a reader in Cyber Security Management at the University of Coventry, has warned that such a system would be vulnerable to hacking by criminals. (Related: Is your power strip spying on you? Complex hacking device looks like extension cord.)
Dr. Garcia-Perez believes that while a digital railway in the U.K. would provide “substantial benefits to both passengers and the rail network,” there are some serious risks that need to be factored in. He believes that if hackers gained access to train tracking, signaling or other information, the safety of staff, passengers and the community would be compromised.
“A coherent, cross-industry strategy and a robust and realistic delivery plan are essential so that challenges associated to the use of data for the management of signalling and traffic are fully considered for the safety of railway passengers, staff and communities in general,” he noted. “Such challenges are related not only to the required railway infrastructure but to large-scale data collection and management and the resulting cyber-security risks.”
The government is standing by its decision 100 percent.
“Britain has the safest major railway in Europe and cyber security is a key part of our plan for introducing digital train control technology,” a spokesperson from Network Rail told the Daily Mail. “Safety is our top priority, which is why we work closely with government, the security services, our partners and suppliers in the rail industry and security specialists to combat cyber threats.” (Related: Stay current and on top of all the latest developments at CyberWar.news)
Meanwhile, the Australian government is also taking steps to move towards a digital railway system. Railway-Technology.com reports that the Australian Rail Track Corporation (ARTC) is collaborating with aerospace giant Lockheed Martin to test a digital system called ATMS which will display information to the train driver in real time on an electronic display in the cabin. This system forms part of the government’s plans to replace all analogue controls. ATMS, like the British digital system, allows trains to run in closer proximity and could double or even triple freight traffic.
While the government has assured workers that ATMS will not be used to replace human drivers, it has confirmed that it will facilitate remote intervention.
“ATMS uses GPRS to gather speed and location information from trains and then send instructions to the cabin,” Tim Ryan, ARTC’s executive general manager of enterprise services, told iTnews. “It potentially also allows us [to] intervene remotely if a train is travelling too far or too fast.”
Of course, in the wrong hands, a system that can be used to remotely slow a strain down could also be used to speed it up.