‘Absolutely easy’: Global train systems are vulnerable to hacking, warn security researchers

© John Gress
Over the weekend, Russian security researchers told attendees of a hacker convention in Germany that there are gaping holes in the security of global railroad systems, making them vulnerable to hackers.

“It’s absolutely easy” for hackers to exploit certain vulnerabilities in railroad infrastructure, researchers Sergey Gordeychik and Aleksandr Timorin of SCADA StrangeLove said on Sunday at a security conference called the Chaos Communication Congress in Hamburg, Germany, according to Vice Motherboard.

SCADA, or Supervisory Control and Data Acquisition systems, are computer based systems that monitor and control industrial processes remotely, enabling automatic functioning of a nation’s critical infrastructure, including nuclear power facilities, rail and truck transportation, and traffic lights.

The problems revealed in the team’s slide presentation, The Great Train Cyber Robbery, revolve around automated systems in railroad networks. Many of the systems previously had manually-controlled signals and locks, but are now operated by computers. Security researchers believe this leaves trains vulnerable to hackers who could flip a switch to derail a train, or cause a collision.

One problem is that some switches require constant access to the internet, and if that signal is lost, the trains stop automatically. There are also design flaws such as having entertainment devices for customers and engineering systems on the same Wi-Fi network, meaning “accessing the former may lead to a compromise of the later.”

“A lot of the devices work on the same channel like engineering equipment and user systems,” Timorin told Motherboard. “All the vendors are working very hard to fix the situation.”

Gordeychik and Timorin said some of the problems were easy to exploit, but to take advantage of others an attacker would have to have in-depth knowledge of railroad systems and protocols. One of the train systems they looked at featured train operators still using default passwords associated with admin accounts, leaving access to the system wide open.

The team did not talk about any specific train system in discussing the problems and didn’t discuss any of the vulnerabilities in great detail, but the implications were that the sort of issues they found could apply to any modern railroad system worldwide.

This is not the first time that SCADA Strangelove has raised the alarm, either. In 2014, the team found more than 60,000 exposed online control systems that were ripe for exploitation. The hackers discovered the ease with which they could gain full access to programmable logic controllers or PLCs, according to WND.com

The SCADA StrangeLove findings come at a time of mounting concern over recent cyberattacks on critical national infrastructures and government agencies. In July, the Obama administration acknowledged that hackers had stolen the Social Security numbers, health histories, and other sensitive information from more than 21 million people. The announcement came after hackers had stolen the records of about 4.2 million people from the Office of Personnel Management’s database.