Today's cyber attacks in rail networks are aimed at accessing systems with sensitive information, disrupting services, damaging equipment, demanding ransom or harming the operator’s reputation.
In a collaboration project with Icomera to provide secure Wi-Fi to Northern Trains, we are pleased to announce that we have now protected more than 10 million rail passengers. With our innovative cybersecurity solution, we are enabling added connectivity that doesn’t become a vulnerability.
The requirement for a new type of passenger journey
Train operators, seeking to improve passenger satisfaction and operational availability, have begun to add services for increased connectivity within their train fleet. A process of digital transformation allows them to improve how they monitor their assets, automate operations, and provide an improved service to their customers.
As well as ensuring their journeys are on-time, comfortable and competitively priced – passengers now have an increased demand for uninterrupted internet access throughout their entire trip, or new digital functionality such as the ability to pay for tickets with staff using wireless ticket systems. A passenger’s requirement for constant connectivity can be a daunting task. Operating and securing a train, or entire fleet, is a far more challenging environment than a simple home or office Wi-Fi network.
The growing communication network onboard trains now poses a new threat to the integrity of the train operator. The railway industry is a unique network environment, with systems that are also uniquely vulnerable and not designed to exist in a connected world. Railway IT and OT systems require high levels of availability, integrity and security.
A connected journey adds unique cyber security challenges
Train operators are responsible for transporting large volumes of passenger and freight traffic, which means the rail industry plays a vital role in supporting a country’s day to day business and economic growth. Due to their importance within our economy, they are attractive targets to attackers seeking to disrupt critical infrastructure.
The rail industry may not be completely unique in its vulnerability to attacks. But it is the nature of their connected systems, technology, infrastructure and other ‘moving parts’ that do make it unique when considering a solution for passenger safety. When people think of digital transformation in the railway industry, they tend to think of Wi-Fi connectivity, e-tickets or ‘infotainment’. However digital innovation is developing in all aspects within railway functionality, and becoming more connected every year. There can be in excess of 50 different connected systems across a single train, meaning thousands of systems across a train fleet.
Systems on trains can contain many connected components that handle important functions such as braking, monitoring speed, HVAC, closing and opening of doors, CCTV and communication with signalling systems. These critical components are then connected via a communication network, including wireless connections, across the rolling stock. Gaining access to the network, an attacker can send commands to the various components and ultimately change the behaviour of the train.
Cybersecurity specialist Ken Munro, and his company Pen Test Partners, have previously reported on research examining various rail networks, which showed it was easy to access customer data, as well as the trains critical systems – including its braking system.
The research was conducted over several years, and showed that in a worrying amount of cases they were able to gain access to the Wi-Fi network to gain access to customer data, and bridge to the wired network to gain further access to other systems on the train.
At a CeBIT expo in Hannover, a rail network simulation was created to explore the potential of attacks on a typical rail fleet. The realistic simulation included assets such as CCTV feeds and control interfaces. Over a 6-week period, researchers recorded a total of 2,745,267 breaches - 10% of which succeeded in taking partial control of the simulated train. While just a simulation, this demonstrates what can be possible for a determined attacker.
Cyber security breaches within the rail industry, and other transportation industries, are no longer just hypothetical. Major railways across the US, Europe and Asia have already been the target of attacks.
Safeguarding rail passenger trust throughout their journey
We work with transport operators and system suppliers such as Arriva, Icomera, Nomad Digital, VT Miltope and, more recently, Northern Trains, to protect their new digital train fleet from cyber attacks, ensuring passengers get to their destination safely and securely.
RazorSecure was tasked, in collaboration with Icomera, to provide a method of protection for passengers onboard Northern Trains - who play a vital role in the north of England by connecting tens of thousands of people to work, leisure and education every day.
Passenger safety is a top priority within the rail industry. It is therefore a proud achievement for RazorSecure to have been a vital part in ensuring that 10 million rail passengers onboard Northern Trains have been kept safe on their journeys.
“We are delighted to reach this important milestone for our business and our customers. We truly believe that our systems, powered by AI and focused on the particular threats the transport industry faces, are world leading. We are still very much open for business and have our next target, 20 million passengers protected, in our sights.”
Alex Cowan, CEO of RazorSecure
“RazorSecure’s products are an effective part of our security in depth approach. We consider their solutions to be unique and ideally suited to work in a distributed and often isolated environment.”
Marc Silverwood, Digital Trains Project Manager for Northern Trains
Icomera, the world’s leading provider of wireless Internet connectivity for public transport, was the network integrator for Northern Trains’ Digital Train project and is responsible for providing ongoing remote and onsite support for the onboard systems, including the Passenger Wi-Fi service.
“Where public transport is still operating – taking key workers, such as front-line medical staff between their homes and hospitals - we are pleased to be keeping passengers in-touch with their families and colleagues, and informed of the latest news. Offering this service with the enhanced security offered by RazorSecure’s technology brings welcome peace of mind at a time when it is in short supply in so many other areas of our daily lives”.
Peter Kingsland, Managing Director of Icomera UK
Connectivity has a very important role to play in making public transport a better, safer, more attractive option for passengers by enabling an ecosystem of onboard services and real-time data feeds. RazorSecure’s distinctive approach enables us to detect both known and unknown attacks while remaining effective for the life of the system. This approach is crucial for digital transport systems, as attacks tend to be more sophisticated and customised by the attacker, causing traditional approaches to fail.