The increasing number of cyber attacks are a growing threat to the security and the safety of infrastructure worldwide which includes the railway networks. Unsurprisingly, the global cyber warfare market is expected to reach USD 91.75 billion by 2025.
Recently, as part of our cyber warfare focus at TEISS, I spoke with Amir Levintal, CEO of Cylus, a cybersecurity solution for railways and metros, on the ways in which malicious actors are using cyber weapons against civil infrastructure.
The trusted rail industry
The rail industry was traditionally secure as it was isolated from the internet, Amir explains, but now there is connectivity between operational and enterprise networks and the internet, providing hackers with the chance to exploit the weakest link in the chain and penetrate the network.
Amir reveals that over the past few years not only have there been several cyber attacks on the industry, but also many which have gone unreported in the press. Presumably governments and train companies don't want to alarm the public, but it does beg the question – for how long can they keep silent?
A hacker, of course, has the advantage of being invisible in the operational network - no one can see them until there is an impact on the safety of the passengers.
The potential for damage is great; in the worst case scenario, a hacker can penetrate the system, fiddle with the switches and cause trains to derail or collide. Yet, even in the less serious situation of a hacker disrupting a service, the passenger experience will be affected, harming the reputation of rail company.
Also of interest: The great Deloitte dumpster fire
The cyber challenge
One of the main problems of the rail network, Amir explains, is the lifecycle of the train components - about 20-30 years - as well as the fact that the components have been designed for safety but not security. Meaning, that although the parts are safe, they are built on legacy systems which are not able to be upgraded as fast as the technology surrounding them – leaving them open to external attacks.
From a security point of view – this is a real dilemma in the operational network. Most worrying for Amir, is the wireless communications and new technology controlling the trains from a centralised point – which make the train systems vulnerable.
Another challenge is human error caused by a lack of understanding about the threats to the network. Hackers exploit this ignorance and are able to leverage the technologies in order to harm the safety of the trains and passengers.
Also of interest: Are we in a new cold war?
Cyber warfare and the rail industry
Cyber attacks on the railway systems seem increasingly likely as part of a cyber warfare strategy. Amir explains that in the past when small groups wanted to make a physical attacks, they needed resources; it wasn't so easy to steal a tank or buy a nuclear bomb. Today, however, cyber criminals can trace the funds online and then use existing measures to attack complex networks; they can make a similar impact with far fewer resources.
Cylus is a pioneer in protecting railway and metro systems from a growing number of cyber-threats that are the result of inevitable and growing dependence on connected railway infrastructure to meet the transportation demands of ever-expanding cities. Amir Levintal, former Director of the Cyber R&D Division of the Israel Defense Forces, founded the company in 2017 with the former CEO of Israel Railways. Amir has developed a military-grade solution with cyber specialists and rail industry experts tailored to the industry’s unique requirements.
Also of interest: 2FA is no longer an acceptable standard - what's the alternative?