BERLIN (Reuters) - Hackers who have shut down websites by overwhelming them with web traffic could use the same approach to shut down the computers that control train switching systems, a security expert said at a hacking conference in Berlin.
Stefan Katzenbeisser, professor at Technische Universität Darmstadt in Germany, said switching systems were at risk of “denial of service” attacks, which could cause long disruptions to rail services.
“Trains could not crash, but service could be disrupted for quite some time,” Katzenbeisser told Reuters on the sidelines of the convention.
“Denial of service” campaigns are one of the simplest forms of cyber attack: hackers recruit large numbers of computers to overwhelm the targeted system with Internet traffic.
Hackers have used the approach to attack sites of government agencies around the world and sites of businesses.
Train switching systems, which enable trains to be guided from one track to another at a railway junction, have historically been separate from the online world, but communication between trains and switches is handled increasingly using wireless technology.
Katzenbeisser said GSM-R, a mobile technology used for trains, is more secure than the usual GSM, used in phones, against which security experts showed a new attack at the convention.
“Probably we will be safe on that side in coming years. The main problem I see is a process of changing ... keys. This will be a big issue in the future, how to manage these keys safely,” Katzenbeisser said.
The software encryption ‘keys’, which are needed for securing the communication between trains and switching systems, are downloaded to physical media like USB sticks and then sent around for installing — raising the risk of them ending up in the wrong hands.
Reporting by Tarmo Virki; Editing by David Holmes