According to researchers, the UK rail network became a victim of cyber attacks in the last one year.
The spate of cyber attacks has become commonplace to the extent that the UK rail network suffered not less than four major attacks in the past twelve months alone.
Darktrace discovered the cyber attacks which targeted different departments within the network.
Darktrace is a cybersecurity startup based in Britain that is mandated with the oversight and mandate of a big chunk of the UK’s railway network.
In a briefing to news agencies, Dave Palmer, the chief technology officer at Darktrace observed that increasingly complex networks that hallmark the cyber-era that we are in will always be prone to attacks especially now that most defences are imperfect.
He adds that all businesses are vulnerable regardless of their size or orientation.
According to cyberspace security researchers, the cyber attacks didn’t seem to be tailored for any disruptions or system sabotage but were more of explorative in nature.
This means that the attacks were more or less intended to scout the computer systems.
The other observation is that it wasn’t clear who was behind the attacks.
A common conclusion within cyber security circles in that the cyber attacks could have been staged by nation-state attackers conducting surveillance procedures.
This is commonly deemed as cyber espionage; where information technology systems that deal with government data and sensitive infrastructure are explored for information.
According to Kaspersky Lab’s Sergey Gordeychik, the railway system is prone to mayhem if the hackers could get through to the network.
According to Sergey, research shows that train patterns and behavior could be manipulated by accessing the networks; an occurrence he says would affect traffic lights, train speeds, commuter points and interchange points.
A good example is if someone would stage a cyber attack and change traffic lights to green, giving all trains a go ahead instead of stalling some to allow for a smooth flow.
The effect would clearly be major crashes. Another danger that cyber attacks pose to the networks is running the trains off the tracks by changing the speed limit.
You would be forgiven for asking who would be interested in staging cyber attacks on any given network.
According to Sergey, cyber security research observes a lot of activities coming from state-sponsored hackers.
The main aim as at now seems to be information gathering; there is nothing threateningly destructive that is being done to the networks where attacks have been observed.
Stakeholders in the UK train network system however quickly add that train systems are generally engineered for high levels of safety.
Network Rail spokesman notes that Britain is home to the safest train networks in Europe because safety comes high in the priorities of network agencies.
The digital in-cab signalling technology which is currently being adopted by networks all over Europe and elsewhere in the world has long been used on the Tube and other train systems in Britain.
The report by Darktrace comes to the industry as more of a warning even to other industries in the wake of a massive roll out of digital networks across vital infrastructure.
Even though some components of the UK rail system remain on analogue platforms, a larger portion is gravitating towards the use of computer networks for execution.
Most of the cyber attacks that have been discovered were also observed to be overwhelmingly in-line with information in a series of 2016 cybersecurity predictions made by PKWare, a US data-security firm.
The firm predicted among other things cyber attacks on train networks, healthcare systems and electrical grids.
Covata’s CEO Trent Telford observes that the multiple cyber attacks on the UK rail system in the past 12 months are a great eye opener and an indicator of just how important data security is.
According to him, industries across the board should really focus on stringent management of access rights over digital networks.
He says the internet of things presents a good platform for economic growth but on the other hand makes it possible for a malicious individual to maneuver through networks and leverage loopholes to harness control.
This, he says is particularly disturbing in light of critical infrastructure where compromised systems could mean massive disruptions to the extent of a crippling effect.