With operational technology systems now controlling train movements and safety critical infrastructure, this calls for a major shift in risk management for the rail sector.
“The rail industry stands at a critical juncture where digital transformation has brought both significant innovation and an increased cyber risk,” said David Muse, Chief Technical Architect at Petards Rail, a leader in intelligent train technology.
Here, Petards Rail, a leader in intelligent train technology with more than 35 years of industry expertise, offer its insights on the sector’s digital vulnerabilities as it faces an unprecedented cyber threat landscape.
Recent Rail Cyber Incidents
In 2015-16 Cybersecurity firm Darktrace revealed that the UK rail network suffered at least four cyber intrusions within a 12-month period. These breaches appeared exploratory rather than disruptive which saw hackers infiltrating railway IT systems (including information displays and possibly control systems), however not causing service outages.
The incidents raised alarm because access to critical management systems (e.g. those controlling signals and trains) was demonstrated, highlighting the real possibility of hackers causing damage if they had malicious intent. UK officials stressed that rail operators were strengthening security as more rail technology goes digital.
More recently, in September 2024, Wi Fi networks at 19 major UK stations, including London Bridge and Euston, were hijacked to display extremist messages.
“Attackers no longer need to compromise physical infrastructure to cause disruption, says David. “Digital vulnerabilities now present clear and present dangers to safety, service continuity, and public confidence.”
The Worst-Case Scenario
Government analysis suggests a coordinated cyber-attack on critical rail control systems could disrupt over 800,000 train journeys daily, effectively paralysing commuter and freight movement across entire regions.
The economic impact would extend far beyond passenger delays, affecting supply chains, workforce mobility, and national productivity.
Security researchers have also demonstrated that sophisticated malware could potentially manipulate digital train control systems such as the European Rail Traffic Management System (ERTMS), interfering with speed data or signalling to override safety protocols.
Legacy Systems Meet Modern Threats
Britain’s rail infrastructure presents unique vulnerabilities due to the integration of decades old signalling equipment with modern digital overlays. Many legacy systems lack built in cyber protections and were never designed for internet connectivity.
“What makes the rail sector uniquely vulnerable is its reliance on legacy systems integrated with modern technology, often with limited native security controls,” David explained. “As operational technology becomes increasingly connected to the cloud, to enterprise systems, and even to passenger devices, the attack surface widens considerably.”
Remote diagnostics and maintenance links, whilst improving operational efficiency, create potential conduits for attackers. Modern trains continuously transmit operational data to cloud platforms for analysis, and any breach in these networks could provide access to onboard control systems.
Insider Threats and Supply Chain Risks
Experts warn that the greatest threat may come from insiders or compromised supply chain partners rather than external hackers.
The September 2024 station Wi Fi incident involved an insider account from a third-party provider, highlighting vulnerabilities in contractor access controls.
“This evolving threat landscape reinforces the urgent need for the rail sector to adopt a proactive, system wide cybersecurity mindset,” said David.
“Securing the future of rail demands embedded cyber resilience, continuous risk assessment, and shared responsibility across all stakeholders to defend what is undeniably critical national infrastructure.”
With rail accounting for 9 per cent of UK passenger miles whilst contributing only 1.4 per cent of domestic transport emissions, protecting this vital infrastructure from cyber threats is essential for both economic resilience and environmental goals.
For further insights from Petards Rail on the future of rail, take a look at their new whitepaper: here.
0113 2082620
5th Floor, 2 Bond Court, Leeds LS1 2JZ
