Date: December 29, 2011
Abstract: Professor Stefan Katzenbeisser of Technische Universität Darmstadt told a security conference in Berlin that the new system was vulnerable to “Denial of Service” attacks.
"Trains could not crash, but service could be disrupted for quite some time," he said at the Chaos Communication Congress.
In a Denial of Service attack, hackers flood target computers with traffic, effectively forcing them offline. The tactic was used by the LulzSec hacking group earlier this year to briefly shut down the websites of the Serious Organised Crime Agency and CIA.
Network Rail is currently installing GSM-R across the British railway network. It uses the similar technical standards to 2G mobile networks and is due to replace older signalling technology in southern England next year, and throughout the whole country in 2014.
Train switching systems, which enable trains to be guided from one track to another at a railway junction, have historically been separate from the online world. GSM-R means they will be connected to the internet, however, raising the risk from Denial of Service attacks.
Prof. Katzenbeisser said that “probably we will be safe on that side in coming years”, but added that the new system poses another risk because of the way its encryption keys will be distributed.
The encryption keys are needed for securing the communication between trains and switching systems. They are downloaded to physical media like USB sticks and then sent around for installing - raising the risk of them ending up in the wrong hands.
"This will be a big issue in the future, how to manage these keys safely," Prof. Katzenbeisser said.
Network Rail told the BBC its GSM-R system “is a robust and secure system and Network Rail does not comment in detail on security” (Telegraph, 2011).