Modern Railway components Feature Vulnerabilities Open to Exploitation

According to a warning by Prof David Stupples to United Kingdom the country testing ERTMS (European Rail Traffic Management System), like a hacking of a 'smart' device, if the signaling system of a highly sophisticated train gets hacked, the result could be a crash as well as most likely death of individuals.

After working on extensive research conducted during 2013-2015, researchers have found plentiful flaws which impact signaling arrangement of the train along with other complimentary mechanisms. Softpedia.com reported this, December 29, 2015.

Moreover according to the researchers, railway systems often aren't put online; however, certain vulnerabilities within a few equipments could facilitate hijacking of the entire network by hackers, with the attack making subsequent strikes down to the remaining equipments interlinked with that specific node-of-entry.

Of all the flawed equipments the researchers discovered was SIBAS, a mechanism for protecting the train utilized within many European nations' railway systems, and that's one computer-based automation mechanism which railway components use.

SIBAS mechanisms have security flaws because they're reliant on WinAC RTX controller, certain component from Siemens SIMATIC wherein security issues were earlier identified. The computer-based interlocking (CBI) mechanism that the majority of railways utilize is as well prone to attack. With CBI, train routes can be regulated, and these play vital role for making the most of any railway system's operation, while eschewing conflicting routes that result in train crashes.

Again as per researchers, attackers may so devise strategy that the system would collapse, halting railway's operation alternatively; even establish train routes, which result in economic destruction. So to launch such attacks, hackers may dupe a staff member into clicking malevolent web-links alternatively plugging in contaminated USB sticks into specific networks.

One more important way attackers could strike is through GSM-R SIM cards that help knowing the place the train is running, dealing with different train features as well as issuing commands or even halting a train's onward movement.

In general, researchers assert that despite the use of sophisticated skill of ICS/SCADA systems within railway be required for executing these assaults, state-backed hackers specializing in the kind of research will surely discover a hassle-free target to attack.

» SPAMfighter News - 1/5/2016