Russian Hackers Warn EU Trains Are Vulnerable to Hijack

Operational high-speed lines in Europe 2015.

A group of Russian hackers have exposed gaping holes in computer systems that control train networks across Europe, claiming its vulnerabilities could lead to attackers causing devastating derailments or hijacking.

Bugs in outdated systems, and human programming errors, have been identified as alarming weak points by a trio of industrial control specialist hackers, who say other hackers could exploit things such as control braking systems – or could even hijack a train.

The Register explains overlooked bugs in device drivers can be exploited by clever hackers: "If somebody can attack the modem, the modem can attack the automatic train control system, and they can control the train," said Sergey Gordeychik, who helped discover the flaw.

Along with Gordeychik, Aleksandr Timorin, and Gleb Gritsai were integral to the discovery and also frustrated over simple vulnerabilities as a result of decades-old control systems. They unveiled their findings at the December Chaos Communications Congress in Hamburg in the hope vendors will fix it. However, they did not share any explicit details on vulnerabilities or rail vendor names and which countries they operate in over fear it would allow encourage attacks.

Mind the hack
Should hackers be able to infiltrate the antiquated operator's control system they may struggle to use it anyway as some require special training, but the article explains there is plenty of documentation that can be found online to allow hackers to access programmable logic controllers and servers.

With many rail operators using a connected system of trains, ticket systems and stations it poses a high-risk threat to safety as well as untold chaos that could follow should this be exploited by malicious hackers.

"The first threat is to safety, or cyber-physical ... the second is economic threats to impact efficiency and revenue, and the third is threats reliability," said Gordeychik.

The three hackers have released their findings to vulnerable vendors to force them to not use easily cracked hard-coded or default passwords to their systems. They say operators, who still remain nameless, are now aware of the worrying weaknesses and are working to fix the issues.

IB Times: http://bit.ly/1Srnxqt

« Amazon’s Data Centers Are Located in US Spy Country
Anonymous Want Revenge For Saudi Executions »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Optimal IdM

Optimal IdM

Optimal IdM is a leading global provider of identity management solutions and services.

Insta Group

Insta Group

Insta are a trusted cyber security partner for security-critical companies and organizations.

Cyber Security For Critical Manufacturing (ManuSec)

Cyber Security For Critical Manufacturing (ManuSec)

Cyber Security For Critical Manufacturing (Manusec) is a global series of summits focusing on Cyber Security for Critical Manufacturing Sectors.

ClearDATA

ClearDATA

The ClearDATA Managed Cloud protects sensitive healthcare data using purpose-built DevOps automation, compliance and security safeguards, and healthcare expertise.

Cyphercor

Cyphercor

Cyphercor is a leading smartphone and desktop-based two-factor authentication (2FA) provider.

Telecommunications & Digital Government Regulatory Authority (TDRA) - UAE

Telecommunications & Digital Government Regulatory Authority (TDRA) - UAE

TDRA focuses on regulating the telecommunications sector and enabling government entities in the field of smart transformation. It is responsible for the overall digital infrastructure in the UAE.

CyberFortress

CyberFortress

CyberFortress is an insuretech startup offering a new kind of online business interruption policy designed for small business.

HackHunter

HackHunter

HackHunter’s passive sensor network continuously monitors, detects and alerts when a malicious WiFi network and/or hacking behaviour is identified.

PrivacySavvy

PrivacySavvy

PrivacySavvy's mission is to provide you with all the information that you need to ensure that your internet privacy is intact, your devices are secure, and that any time you step online, you’re safe.

Kyndryl

Kyndryl

Kyndryl has a comprehensive portfolio that leverages hybrid cloud solutions, business resiliency, and network services to help optimize your IT workloads and transformations.

Mode Solutions

Mode Solutions

Mode guarantee IT performance where you need it most, creating seamless and secure solutions that will alleviate pressure from your business.

VicOne

VicOne

With a vision to secure the vehicles of tomorrow, VicOne delivers a broad portfolio of cybersecurity software and services for the automotive industry.

DruvStar

DruvStar

DruvStar provides B2B cybersecurity around threat management to strengthen businesses across attack vectors.

Relatech

Relatech

Relatech is a Digital Enabler Solution Knowledge (D.E.S.K.) Company that offers digital services and solutions dedicated to the digital transformation of businesses.

Entitle

Entitle

Entitle's SaaS-based platform automates how permissions are managed, enabling organizations to eliminate bottlenecks and implement robust cloud least privilege access.

DuploCloud

DuploCloud

DuploCloud offers an end-to-end DevOps software platform for dev teams that don’t have dedicated DevOps engineers and augments those that do.