Cyber and Railway. How do They Connect?
Updated: Jul 8
So, as the title suggests, the words Cyber and Railway don't sound like they have anything to do with each other, right?
Well, we were speaking with the Midland Rail Forum, which we recently joined as a member to support the promotion of Cyber as a discipline within the Rail sector. We came across the stigma that it is hard to understand how Cybersecurity applies to everyday activities within the Railway. Because most systems are moving towards being Digital and require extensive connectivity (networks and IT joined together), this opens up the surface to potential Cyber attacks because of how the internet has evolved, including how hackers or malicious adversaries can identify systems to attack.
So, to examine the relationship between Cybersecurity and the Railway, we have to look at the Railway landscape from today's perspective. Because Railway systems are becoming more and more digital, we need a diverse control setup to allow for better coverage by each of the Railway control centers, known as Regional Operational Control centers. This requires an extensive backbone of networks to support this form of architecture for remote control and monitoring of Britain's Railways. On top of this, we want data. Data is the new form of Gold, given that it gives us information that can provide further intelligence, such as Asset performance and maintenance predictions. We also want flexible controls to leverage automation where possible; eliminating the Human can lead to increased performance and safety metrics!
Further to the above, we also want to ingest and integrate different IT systems, which breaks the traditional model where we would naturally segregate or isolate our Railway systems.
With this increase in Digitalization and interconnectivity, coupled with our love affair with computers and software, the threat surface is increasing and accelerating. When we say 'threat surface', we mean that the array of possible attacks increases, and the methods to execute them become more accessible or more exposed, thereby making these systems an appealing target.
To examine where Cybersecurity plays a role within the Railway, let's examine the various disciplines that are commonly associated with Railway systems:
Signaling and Control Systems
It comes as no surprise that Signaling and Control systems are what keep trains operating safely on our Tracks. Signaling and Control systems also maintain a schedule so that we can get from A to B in our daily lives. Signaling systems have become almost fully electronic or Digital, e.g., software programs make decisions instead of metal interlocking levers to prevent Trains from colliding or traveling. While these systems account for a wide range of hazards, Cyber is undoubtedly a top hazard to consider, given that hackers can manipulate software code to behave in ways not known to Signaling manufacturers.
Furthermore, Signaling systems rely on IP-based networks and often use simple industrial protocols to communicate between systems to execute commands such as modifying signals or to transmit messages to Trains about the approaching speed limit for the next permission block. In the ETCS world, we even have online Key Management, allowing Trains to become interoperable across their geographical regions. The fundamental concept uses Cryptographic keys to identify Train identities and allow them to travel in specific regional areas.
The range of systems described above covers only a tiny segment of Signaling Systems. However, the reliance on availability and confidentiality is high, given that these are safety-critical systems. Furthermore, cyber-attacks are designed with a purpose: to cause disruption or to allow adversaries to gain financially. In this case, signaling systems could be targeted to cause deliberate delays or, worse, compromised with attacks such as Ransomware to demand a financial payout before handing the systems back to the respective Routes. The worst-case scenario is deliberate tampering with systems that could create unsafe scenarios, a fear more commonly associated with safety mechanisms failing than with Cyber attacks.
Electrical Power Systems
A significant proportion of our Railway needs power, either for our Signaling systems to work or for our Trains to operate using Overhead lines. Further reviews for Greener technology mean the rollout of Overhead Power is gaining traction, and so is the power grid network. Unfortunately, attacks on our power grid have happened recently, notably in Ukraine and America, and some of our Electric suppliers have suffered Ransomware attacks.
Standard attacks are usually associated with disrupting the power grid, as this has performance impacts, with the motive of causing noticeable noise and reducing reliability. Power systems, much like Signaling Wayside systems, rely on SCADA systems, which are very sensitive to noise in the protocols they use for communication and can quickly be rendered inoperable should the systems be interfered with or modified permanently. Changing these systems is not a simple retro-swap out, which makes downtime longer.
Rolling Stock
Rolling Stock, whether Freight, passenger, or engineering-based, plays an integral part in getting us from A to B. Onboard systems leverage IT/OT technology to process data from Signaling systems and have modern capabilities that give passengers internet connectivity. The attack surface for Rolling Stock tends to be moderately high, given there are services for the public to use, such as Wi-Fi, that naturally invite Hackers on trains to investigate and explore systems connected to this network, e.g., any Customer Information Systems leveraging the network for outbound connectivity could be a target. Furthermore, Rolling Stock is increasingly becoming Digital, with Operating Systems running applications that are effectively the brains of Rolling Stock, whether this is processing CCTV, network management for Wi-Fi, diagnostics for maintenance crews, or interfacing with the onboard Signaling systems.
The joining together of these systems for data enrichment and system reliability also increases the number of systems open to an attack. Furthermore, because these are more IT-based systems (Operating Systems and Network Devices such as Wi-Fi Routers and Switches), they begin to look like the standard playing field that hackers are trained on and used to targeting, making the path for an attack easier. Radio Frequency transmission used for Signaling Wayside and CCTV systems, aspects considered safety-critical, is also increasingly seeing attacks such as frequency-blocking attacks and RF Signal manipulation that mimics genuine requests. While these are relatively uncommon attacks, the state of the hardware attackers have access to has only increased the likelihood of these kinds of attacks.
Network Communications and Systems
Our Trains, Signaling, and Power Systems, including Communications, are interlinked one way or another. Whether our ticketing systems need internet access or our Station staff need Radio Comms to speak to our Controller Centers, networks that connect, link, and transport data are subject to various attack vectors and pose some of the more easily identifiable attack methods. Because networks need to leverage over-the-air links or Fiber/Copper based networks, they tend to interlink with commercial or Public networks such as Internet Service Provider (ISP) networks, making their attack surface much larger and more permanently advertised to hackers. Networks typically serve Layer 0 to Layer 5 in the OSI model and therefore hold the largest group of protocols with known attacks or weaknesses.
This is why it is essential, when designing your network systems, to ensure that the relevant segregation patterns (architecture design) and solid, secure protocols are implemented and reviewed, whether you are implementing a new network system or integrating with an as-is one.
Okay, so many Systems are prone to being Hacked; what's the Deal?
So, the answer is that many things can be hacked and are hacked each day. The issue is whether that system belongs to you and whether it is exposed. Does it have to introduce an impact, or could it be an entry point into your system to undertake further activity?
These are the questions an Asset Owner or Supplier should ask and assess when introducing a new product or accepting or implementing a new system. Furthermore, Network Rail and TfL require suppliers and vendors to conform to a selection of security standards imposed on them. This ensures that if you supply a product or service, you are doing so with security in mind. The reason behind this approach is that you as a supplier may provide the latest, fastest, and most reliable signaling system. However, if it's fraught with vulnerabilities or is easy for attackers to access and investigate, then the system becomes insecure and possibly (most definitely) unsafe.
Here at Complete Cyber, we can guide and offer support in avoiding these obstacles and advise you on the right approach to securing your systems through our security architecture services. Furthermore, compliance with the NIS Regulations and the NCSC's CAF framework is also becoming commonplace for suppliers wishing to provide products or integrate solutions into the Railway.
Why not contact us for further advice or guidance on how Complete Cyber can help you navigate Cybersecurity within the Railway?