Organised Criminal Gangs (OCGs) are now conducting a rapidly growing number of increasingly sophisticated cyber-attacks on all major forms of transport – primarily air travel, shipping and trains.
The UK rail network, for example, is currently undergoing improvements and modifications. Unfortunately, this involves enhancing the network’s electronic communications system, often without giving sufficient thought to safeguarding the network. Any improved openness and efficiency must be counterbalanced by a thorough cyber security health check.
As part of a major overhaul of its rail network, the UK is upgrading its signals network; the new network will be called the European Rail Management Network.
There are already growing fears within the industry that the upgrade could be wide open not only for OCGs but also for cyber terrorists. City University has already warned that malware could be deployed in such a way as to alter crucial data such as that which is programmed to alert drivers of another train approaching along the track, thereby potentially causing major fatalities.
“We know that the risk [of a cyber-attack] will increase as we continue to roll out the digital technology across the network…It is the smart malware that alters the way the train will respond. So, it will perhaps tell the system the train is slowing down when it is speeding up.
“Governments are not complacent, individual ministers know this is possible, and they are worried about it. Safeguards are going in, in secret, but it is always possible to get around them,” said the Department of Transport.
An equally great challenge is facing the airlines as airplanes and their control systems increasingly rely on Internet-based electronic communications. For example, last weekend (4-5 July), hackers took down a computer used to prepare flight plans for LOT Polish Airlines. The attack took the form of a fairly primitive but effective distributed denial of service (DDoS) onslaught. The result was that 1,400 travellers suffered from flight cancellations with others experiencing severe delays.
This is, however, far from the only recent example of the increasing vulnerability of airlines. Disturbingly, there are also growing industry calls for urgent airline security reviews following claims that it is a relatively simple matter to hack into the satellite communications equipment on passenger jets. The points of vulnerability are the on-board Wi-Fi and in-flight entertainment systems. Using sophisticated malware purloined from the Dark Web, an on-board hacker could access the aircraft’s satellite communication system, potentially gaining access to the plane’s safety control systems.
In 2014, the International Civil Aviation Organization (ICAO) highlighted vulnerabilities in new aircraft positioning communication systems designed to replace radar and other air traffic control systems. Exploiting these still-existing weaknesses would allow a hacker or terrorist to remotely provide misleading false information to pilots and to air traffic controllers.
One reason airlines and aviation authorities have been so slow to respond to the growing cyber threat could be memories of cash wasted in safeguarding against Y2K, also known as the “Millennium Bug”, a decade and a half ago. The IT industry then issued horrifying warnings of planes falling from the sky as legacy computer systems failed to take account of the date change at the beginning of the new millennium. In the event, no planes fell from the sky and many in the aviation industry were left with a strong impression that they had paid significant fees to IT consultants and received little benefit.
But this time around, the warnings are real, even though the IT industry is finding itself in the position of the “Little Boy Who Cried Wolf”. There is now a real danger of airlines not reacting fast enough to the pressing need to secure their communications systems.
The shipping industry, too, has become hugely reliant on IT. Every new ship that is now built has software to run its engines, which is almost invariably updated remotely. Complex cargo systems are also managed digitally and even cranes run on satellite-based global positioning systems (GPS). IT is also used extensively in maritime navigation systems.
According to global information assurance firm NCC Group, there are gaping security flaws in the software generally used to manage navigation systems. Somali pirates are already reported to be selecting target vessels by hacking into maritime navigation systems, sometimes misdirecting vessels or freezing their navigation equipment. Hackers are also reported to have breached computers connected to the Belgian port of Antwerp in order to locate a consignment of smuggled drugs, which they then made off with.
There are two levels of threat now facing the chief executives of airlines, shipping lines and train networks. The first is the ever-present threat of OCGs crippling on-board navigation or control systems using various forms of malware, now widely available on the Dark Web. This would generally be with a view to demanding payment using ransomware. Ships which have been directed off course into unsafe waters are also vulnerable to physical attack from pirates.
But by far the greater threat is posed by terrorist groups. For example, the air travel industry has become particularly vigilant in searching passengers and their hand luggage, even frequently making them remove their shoes and belts, while too little is being done to secure the airlines’ increasingly vulnerable communication and navigation networks.
If the transport industries do not take steps to deploy 21st Century software of the kind recommended to clients by KCS, which is capable of offering realistic protection against cyber breaches, there is a very real possibility of a terrorist attack. Should, for instance, a terrorist group succeed in hacking into an airline navigation system, a plane could be misdirected, causing it to have a collision with the resulting tragic loss of life.
Such a disaster could also result in the airline itself going down, as happened 27 years ago when the Lockerbie bombing resulted in the loss of 259 lives and the demise of Pan Am, formerly the US’s largest international air carrier.
Stuart Poole-Robb is the chief executive of the security, business intelligence and cyber security adviser, the KCS Group Europe.