What are the commonalities between the recent Baltimore’s “RobbinHood” and San Francisco Municipal Transportation Agency “Mamba” malware attacks? Besides both crippling the activities of two Public Authorities, each event involved a ransomware.
What about similarities between Deutsch Bahn’s station and Lodz city tramway attacks? Not much, besides targeting railways. In the first case, the WannaCry virus affected Passenger Information Systems and mostly tarnished the German’s train operator image. In the second a fourteen-year-old Polish hacker derailed four trams after taking control over the entire network, through a modified TV remote control!
Cyberattacks in railways, unlike in many other sectors, can kill people (e.g., twelve were injured in Poland). This isn’t to say that a malware paralyzing a factory’s production line or a ransomware blocking access to a company’s server is tolerable but just to state that when lives are at stake, extra protection should be taken.
Since the origin of train transportation, life protection has been embedded in railway DNA through the concept of Safety. All networks with their connected equipment must be assessed according to levels of risks and hazards. Conditions are tested and failures predicted, which are then translated into four Safety Integrity Levels (SIL). Safety critical systems, such as the railway signaling system, will be graded SIL4 and need to be certified by independent assessors, before being allowed to operate. This lengthy and complex process is one of the major railway specificities, which must be accounted for when implementing Artificial Intelligence to protect railway systems efficiently.
