Cybersecurity in the digital railway

Cybersecurity in the digital railway

Reading Time: 5 minutes

Since the 1990s, digitalization has been advancing at speed across all industrial sectors – and railways are no exception. The digitalization of the railway industry has enabled us to run trains at higher speeds and closer together with moving block signaling. This has increased capacity on congested lines, and we have achieved improved cross-border operations.

Many infrastructure owners and rail operators view digitalization as a lever to enhance their competitiveness with other modes of transportation and improve their efficiency and management. Applying digital technologies furthermore enables them to improve the monitoring of their assets and automate more operations. As a result, they can lower their operating costs.

Digitalization is viewed as a new element of competitiveness, and it is likely that in time, digitalization will further offer new opportunities to rail transport actors.

Challenges with the digitalization of rail

Owing to the numerous benefits it can provide, digitalization is undoubtedly an opportunity for the rail industry. It can lead to improved capacity, traffic management, reliability, and lower operating costs, to name a few. However, experts and stakeholders also perceive digitalization as a challenge for rail.

In order to achieve a successful digitalization, it is crucial that rail operators and authorities develop a new mindset. Digitalization modifies the business model and it must evolve from a rather rigid model towards a more dynamic network consisting of suppliers, technological platforms and customers.

A new mindset furthermore includes developing a comprehensive strategy to counteract cyber threats and secure rail assets. Many rail operators have in the past primarily focused on core functionality and affordability, and as a result, the industry has sidelined cybersecurity. In other words: the rail sector has seemingly not been able to evolve at the same pace as the technology around it.

Cybersecurity – a responsibility for the top-level management

When it comes to cybersecurity management in the rail sector, there is more to the concept than the ‘run for the mill’ form of protection. In this industry particularly there are several issues surrounding cybersecurity governance. These include compliance monitoring activities and security operations risk management. It is evident that the cybersecurity process is resource intensive, time-consuming, and you need money to do so.

Cybersecurity must be driven all the way from the top of an organization. The breadth of the threat demands a coordinated top-down approach to risk management as it can reach all corners of the business. By this is meant that the asset owners will be responsible for railway management, network management, risk operations, and mitigation. System integrators will be responsible for access management, system-wide architecture and technical evaluation. Lastly, product suppliers will share responsibility for a secure product and software design, and they will ensure an overall product engineering security.

As a way of ensuring that valuable data and information are adequately safeguarded, top-level management can delegate responsibility to other entities within the organization. As a result, they are ultimately accountable for cybersecurity for the entire organization.

Cloud vs. traditional systems

With the rapid evolvement of the Internet of Things (IoT), many organizations have the same questions on their minds: how do we keep our data secure from cyber attacks? And, should we choose an on-premise environment or a cloud service? Many organizations worldwide choose to postpone their cloud transition due to security concerns. They seem to be under the impression that if they store their data on their on-prem servers, their data will be protected from cyber-security breaches.

The reason why many organizations do not feel safe storing the data in the cloud is that they feel as if they lose control. Having your data stored on servers and systems you neither own nor control can cause insecurities. Nonetheless, control does not mean security, and the physical location of your data matters less than the means of access. It is important to remember that whether we are dealing with an enterprise or a cloud, anything that can be possibly accessed the outside has equal chances of being attacked.

What to consider

It is no secret that the cloud is different from on-premises resources, and cloud security is also quite different from traditional systems. Therefore, when implementing security in the cloud, organizations must rethink how they are currently doing things.

The cloud cannot be protected with simply repurposing traditional on-premises perimeter security tools. In order to protect against cloud-based attacks, organizations must deploy next-generation solutions specifically designed for the cloud.

Whether your security systems are integrated in the cloud or on-premises, systems built without the same rigor around security will not be as secure. It is crucial to shift focus from which type of platform is the best. Instead, focus on a well-defined and executed security strategy with the right enabling technology.

To sum up

Even though other industries may have a higher threat level than the railway industry, it is nonetheless vitally important that we take cybersecurity seriously.

Many in the railway sector use wireless connections to control activities such as monitoring train speed and regulating traffic signals. Even critical components like brakes and doors are controlled by WI-FI connections. Wireless signals like these can expose a network’s vulnerabilities. Via access through the wireless systems, an attacker can send commands to the various components and thus change the behavior of the train.

These kinds of attacks are quite probable and not that far-fetched. In 2017, the WannaCry virus spread across the globe. The virus infected Germany’s rail networks. Hackers placed a text on the passenger information screens at stations and demanded ransom money.

It is clear: the rail industry needs to take these threats seriously. Security must be tightened and a strategy to avoid potential future cyber attacks must be devised.

Get started

If you or your organization are uncertain of how to get started, David Linthicum, Managing Director at Deloitte, has devised a brief guidance. It consists of the following three steps:

  1. Understand your security and governance requirements for a specific system and/or data store. Many of those who deploy security around cloud or traditional systems do not understand what problems they are attempting to solve. You need to define those up front
  1. Understand that controlling access is much more important than the location of the data. Look at how the data is accessed and look specifically at opportunities to breach. Again, most of the data breaches occur around finding a vulnerability, no matter if it’s cloud-based or on-premises
  1. Finally, vulnerability testing is an absolute necessity, no matter if you’re testing the security of cloud-based or traditional systems. Untested systems are unsecured systems

If you are keen to learn more about digitalization and cybersecurity in the rail industry, please review the sources below: 

Follow us on LinkedIn:
2019-08-15T14:30:01+02:00juni 6th, 2019|Kommentarer lukket til Cybersecurity in the digital railway