T
rain travel is generally safe, with the vast majority of trips completed without incident. According to European Union statistics, the number of train accidents went up in 2014 and 2015, but the number of train victims decreased.
However, the increased focus on automation leaves railways more vulnerable to computer hackers. As a result, railways have to increase their cybersecurity efforts to keep their passengers safe and the trains on the rails.
Vulnerabilities
Modern trains depend on a number of internet linked technologies. A team of cyber experts evaluated railways to access the biggest dangers, and they drew several frightening conclusions. In Europe, trains rely on the computer-based interlocking (CBI), a system designed to keep trains on un-conflicted routes. In short, the CBI prevents train collisions. The team found that a malicious hacker could disable the system, causing numerous casualties and/or extreme train damage.
The experts also found that railways suffered from poor authentication protections, outdated software and insufficient passwords, all items that make them easy pickings for hackers.
Dangers
Hackers would not target a train to benefit financially but simply to cause havoc. Terrorists could exploit these weaknesses in an attempt to further their cause. While a hacker might choose to make a train run late or invade the online ticketing process, they might also prevent the automated doors from opening or move the train onto the wrong route. They could cause a major rail disaster.
Fully automated trains have begun to run in some areas, and they may have no one on board to manually correct a hacking issue. These systems need state-of-the-art cybersecurity.
Solutions
Since trains are becoming more and more automated, cybersecurity needs to be the industry’s number one priority. Railway leaders have acknowledged that they must take immediate steps to correct these problems.
One solution is to hire a company to constantly monitor the train system for vulnerabilities. If points of penetration are found, an expert can visit the site and work to strengthen cyber defenses.
Another approach is to have multiple layers of defenses instead of just using virtual private networks, firewalls and other current protections. Instead, trains need to use a combination of methods to make a complex protective shield around the system, making it incredibly difficult to hack.
Railway companies still have to deal with other security issues, but currently, cyber threats should be their priority. They must have the latest protective methods and work with experts to stymie sophisticated hackers.