Railway digitalization: cybersecurity

At this time, someone, somewhere, might be trying to cybernetically attack a rail network. And in that case, most likely no one will find out about anything until it's already late. Cyber- attacks on critical infrastructures are increasing, and are increasingly sophisticated. In 2015, for example, there was an attack on the Ukrainian electricity network - it is believed to be the first of its kind - highlighting the danger we face, when almost a quarter of a million people went dark after that the pirates took control of the electrical substations.

 Objective: trains
Until now, no railway network has been subject to a cyber- attack on this scale. However, there are alarming signs indicating that pirates have iron roads in their sights. At least five of the main railway networks were victims of cyber- attacks during that same year. In most cases, it was exploratory invasions with minimal damage; but it is feared that a more determined attacker could cause serious damage.

New vulnerabilities
Defending rail networks against cyber- attacks involves major challenges and the problem is compounded by the transition from analogue to digital technologies. Although the improvement in efficiency is enormous, there are new risks, because the digital systems adopted in recent years often incorporate little security and are increasingly more connected to the Internet.

Currently, operators use third-party telecommunications infrastructure, sometimes for their main network and sometimes as a backup network. The fact that some systems are linked to the Internet through portals increases the risk of cyber -attack.

New networks, new risks
Emerging technologies present a growing dilemma, especially in the field of communications. On the one hand, operators have to  minimize the risk of cyber- attacks ; on the other, they urgently need to maintain a competitive advantage. To do this, they must be able to take advantage of large capacity public networks, both fixed and mobile.

This trend is accelerating with the rise of new 4G-LTE mobile networks, which are considered essential to offer next-generation systems for train control and passenger information.

Username / Password
The possibilities of social engineering attacks also increase due to the large number of employees: invasions in which users are tricked into revealing security details to the pirates. The risk is increased by the scarce degree of cybernetic knowledge that the staff of many organizations have. There is also the problem of controlling access to the systems themselves. Often there is no centralized user, nor group management. People almost always use the same access codes.

Counterattack
Cybersecurity is a multifaceted discipline that requires action on several fronts. Faced with this fact, Thales' safety knowledge is enabling him to assist the railway sector in its fight against cyber-attacks. Intersectoral initiatives play a leading role in creating safer railroads. Thales collaborates with CENELEC, the European Committee for Electrotechnical Standardization, to formulate cybersecurity parameters. It also participates in the development of CERTs  (Computer Emergency Response Teams) as part of the Shift2Rail program of the European Commission. The idea is to create a CERT program, together with suppliers and manufacturers, capable of sharing information in the future. Networks and railway operators have a deep-seated culture of safety. However, they are not always fully aware of where the new risks lie.