|
Title: Cyber attack halts Polish trains Post by: Bmblbzzz on August 26, 2023, 18:44:43 Russian hackers are being blamed.
Quote Polish intelligence services are investigating a hacking attack on the country's railways, Polish media say. https://www.bbc.co.uk/news/world-europe-66630260Hackers broke into railway frequencies to disrupt traffic in the north-west of the country overnight, the Polish Press Agency (PAP) reported on Saturday. The signals were interspersed with recording of Russia's national anthem and a speech by President Vladimir Putin, the report says. Title: Re: Cyber attack halts Polish trains Post by: stuving on August 26, 2023, 19:10:00 Hacking? What a bizarre description. Surely it's jamming, or intentional radio interference.
Title: Re: Cyber attack halts Polish trains Post by: ellendune on August 27, 2023, 21:50:26 Hacking? What a bizarre description. Surely it's jamming, or intentional radio interference. Depends what they are doing. If they have broken the encryption of messages and broadcasting false encrypted messages then that is hacking, not just jamming. Title: Re: Cyber attack halts Polish trains Post by: stuving on August 27, 2023, 22:17:13 Hacking? What a bizarre description. Surely it's jamming, or intentional radio interference. Depends what they are doing. If they have broken the encryption of messages and broadcasting false encrypted messages then that is hacking, not just jamming. I don't think so. I take "hacking" in common usage to imply getting access to a computer system, but spoofing encrypted messages is a technique that predates computers. In any case, there isn't really anything in the report that implies that, other than its clumsy wording. And presenting it as hacking removes the clear implication in the details that whoever did this must have been nearby, with a transmitter, not somewhere far away such as Russia. Title: Re: Cyber attack halts Polish trains Post by: Bmblbzzz on August 28, 2023, 10:09:33 We don't know exactly what was broadcast, or prevented from being broadcast, nor do we know it was done by Russian agents. But we do know that Russian agents don't have to be based in Russia, just as eg Ukrainian drones attacking Moscow aren't launched from Ukraine, so I don't the location is implied.
Title: Re: Cyber attack halts Polish trains Post by: stuving on September 02, 2023, 23:58:06 Just after those reports, Polish police arrested two guys and confirmed the nature of what they did. From Cybernews (https://cybernews.com/news/century-old-technology-hack-brought-20-trains-to-a-halt-in-poland/):
Quote Century-old technology hack brought 20 trains to a halt in Poland Updated on: 28 August 2023 Ernestas Naprys Senior Journalist Recent cyberattacks against Polish State Railways lacked an essential feature. Rather than modern, cyber-based methods, saboteurs used old-fashioned radio to send stop signals, wreaking havoc on the state's transportation system. Two suspects were detained. On Saturday night, hackers spoofed an unauthorized radio-stop signal to trains in the north-western Zachodniopomorskie province, according to Polish State Railways (PKP) and state-run Polish Press Agency (PPA). Multiple stop signals halted approximately 20 trains, causing delays and standstills. According to the BBC, hackers also transmitted Russia’s national anthem and Russian President Vladimir Putin‘s speech. Earlier in the week, a freight train and a regional passenger train were involved in a minor collision, and an inter-city train was de-railed in the northeast of Poland. PKP stated that all passengers were safe, and services were resumed a few hours later. Polish intelligence services have launched an investigation raising the possibility of sabotage. Stanislaw Zaryn, the deputy coordinator of the intelligence services, told PPA that known attempts by Russia and Belarus to destabilize the Polish state have been going on for months. After train drivers reacted to received radio-stop signals, it took 1-7 minutes to confirm with rail traffic controllers that the situation presented no danger and to resume the journey. Two suspects, both Polish citizens aged 24 and 29, were taken into custody in the eastern city of Bialystok, according to AFP. They’re suspected of illegally hacking into the national railway’s communications network and destabilizing the traffic. Polish authorities also seized radio equipment from their residence. Poland is a central hub for the transit of Western weapons sent to Ukraine. This year, Poland's internal security service ABW arrested members of an alleged Russian spy ring, allegedly tasked with sabotaging railways and disrupting supplies. A cheap radio transmitter is all that’s needed The hackers used railway frequencies to transmit a signal that triggered the emergency stoppage of trains. A simple and cheap radio transmitter is all that’s needed to spoof a radio command. In Poland, the communication on the railway network is carried out by an analog VHF 150 MHz system. The country is set to migrate to a newer digital encrypted alternative, the GSM-R system, by the end of 2024. An analog radio system lacks any encryption or authentication. Lukasz Olejnik, a Polish-speaking independent cybersecurity researcher and consultant and author of the forthcoming book Philosophy of Cybersecurity, explained to Wired that hackers had to send a series of three acoustic tones at a 150.100 megahertz frequency that triggered the train’s emergency stop function. According to him, anyone could do it, as the frequencies and tones are known, the equipment is cheap, and there are even YouTube videos and railway forums explaining the procedure. The first use of radio to control trains dates back to the early 20th century. Even this article, which identifies the non-cyber nature of the attack, still talks about then "hacking into the national railway’s communications network and destabilizing the traffic". This is a voice radio system, not unlike the precursors of GSM-R in other countries, with tones for this "radiostop" function which is similar to GSM-R's Emergency Call. What surprises me their ages - this is more naughty teenager stuff! Title: Re: Cyber attack halts Polish trains Post by: Electric train on September 03, 2023, 10:27:56 Just after those reports, Polish police arrested two guys and confirmed the nature of what they did. From Cybernews (https://cybernews.com/news/century-old-technology-hack-brought-20-trains-to-a-halt-in-poland/): Quote Century-old technology hack brought 20 trains to a halt in Poland Updated on: 28 August 2023 Ernestas Naprys Senior Journalist Recent cyberattacks against Polish State Railways lacked an essential feature. Rather than modern, cyber-based methods, saboteurs used old-fashioned radio to send stop signals, wreaking havoc on the state's transportation system. Two suspects were detained. On Saturday night, hackers spoofed an unauthorized radio-stop signal to trains in the north-western Zachodniopomorskie province, according to Polish State Railways (PKP) and state-run Polish Press Agency (PPA). Multiple stop signals halted approximately 20 trains, causing delays and standstills. According to the BBC, hackers also transmitted Russia’s national anthem and Russian President Vladimir Putin‘s speech. Earlier in the week, a freight train and a regional passenger train were involved in a minor collision, and an inter-city train was de-railed in the northeast of Poland. PKP stated that all passengers were safe, and services were resumed a few hours later. Polish intelligence services have launched an investigation raising the possibility of sabotage. Stanislaw Zaryn, the deputy coordinator of the intelligence services, told PPA that known attempts by Russia and Belarus to destabilize the Polish state have been going on for months. After train drivers reacted to received radio-stop signals, it took 1-7 minutes to confirm with rail traffic controllers that the situation presented no danger and to resume the journey. Two suspects, both Polish citizens aged 24 and 29, were taken into custody in the eastern city of Bialystok, according to AFP. They’re suspected of illegally hacking into the national railway’s communications network and destabilizing the traffic. Polish authorities also seized radio equipment from their residence. Poland is a central hub for the transit of Western weapons sent to Ukraine. This year, Poland's internal security service ABW arrested members of an alleged Russian spy ring, allegedly tasked with sabotaging railways and disrupting supplies. A cheap radio transmitter is all that’s needed The hackers used railway frequencies to transmit a signal that triggered the emergency stoppage of trains. A simple and cheap radio transmitter is all that’s needed to spoof a radio command. In Poland, the communication on the railway network is carried out by an analog VHF 150 MHz system. The country is set to migrate to a newer digital encrypted alternative, the GSM-R system, by the end of 2024. An analog radio system lacks any encryption or authentication. Lukasz Olejnik, a Polish-speaking independent cybersecurity researcher and consultant and author of the forthcoming book Philosophy of Cybersecurity, explained to Wired that hackers had to send a series of three acoustic tones at a 150.100 megahertz frequency that triggered the train’s emergency stop function. According to him, anyone could do it, as the frequencies and tones are known, the equipment is cheap, and there are even YouTube videos and railway forums explaining the procedure. The first use of radio to control trains dates back to the early 20th century. Even this article, which identifies the non-cyber nature of the attack, still talks about then "hacking into the national railway’s communications network and destabilizing the traffic". This is a voice radio system, not unlike the precursors of GSM-R in other countries, with tones for this "radiostop" function which is similar to GSM-R's Emergency Call. What surprises me their ages - this is more naughty teenager stuff! I believe the term "hacking into a system" dates back to the days of telegraph and telephone cables where they were literally hacked into by nefarious people to access the circuits. Systems and cyber security is always high on the agenda on the UK Railways network being classed as "Critical infrastructure systems of national significance" This page is printed from the "Coffee Shop" forum at http://gwr.passenger.chat which is provided by a customer of Great Western Railway. Views expressed are those of the individual posters concerned. Visit www.gwr.com for the official Great Western Railway website. Please contact the administrators of this site if you feel that content provided contravenes our posting rules ( see http://railcustomer.info/1761 ). The forum is hosted by Well House Consultants - http://www.wellho.net |