Monday, July 15, 2024

Hackers Disruptred Poland’s Railway System Signals

Poland’s Railway infrastructure, a crucial transit route for Western weapons transported to Ukraine, has been compromised by cybercriminals.

The signals were intermingled with recordings of the Russian national anthem and a speech by President Vladimir Putin, according to the Polish Press Agency (PAP).

According to the information shared, the incident occurred on Saturday when hackers sent a signal that caused emergency train stops close to Szczecin, Poland. About 20 trains came to a complete stop, but services were soon resumed.

“We know that for some months there have been attempts to destabilize the Polish state,” Stanislaw Zaryn, a senior security official, said. 

“Such attempts have been undertaken by the Russian Federation in conjunction with Belarus.”

Criminals Instructed The Trains Via Radio Frequency 

The “cyberattack” doesn’t appear to have involved any “cyber” at all, despite how disruptive the railway sabotage has been, claims Lukasz Olejnik, a Polish-speaking independent cybersecurity researcher and consultant.

In reality, the criminals seem to have instructed the trains they targeted with straightforward radio frequency “radio-stop” commands.

Olejnik claims that since the trains use a radio system that does not have encryption or authentication for those commands, anyone with as little as $30 in common radio equipment can transmit the command to Poland’s Railway.

Further, they activate their emergency stop function by sending a series of three acoustic tones at a frequency of 150.100 megahertz.

“It is three tonal messages sent consecutively. Once the radio equipment receives it, the locomotive goes to a halt,” Olejnik says.

In Polish radio and railway forums as well as on YouTube, the capability to send the command has long been discussed.

“Everybody could do this. Even teenagers trolling. The frequencies are known. The tones are known. The equipment is cheap”, he added.

The proximity of the saboteurs to the target trains, which might range from a few hundred feet to several miles, depending on the strength of the radio equipment they would be using to cause disruption.

“It is really a cheap operation. The biggest risk is the need to be in proximity”, Olejnik said.

According to a statement from the railways, the train delays were caused by ‘unauthorized broadcasting of the radio-stop signal’ that was transmitted “using a radiotelephone by an unknown perpetrator.”

“There is no threat to rail passengers. The result of this event is only difficulties in the running of trains”, the Railway Agency wrote.

By 2025, Poland’s Railway systems will be upgraded to almost entirely employ GSM cellular radios, which feature encryption and authentication, according to the country’s national transportation agency. 

However, as long as that point, it will continue to operate on the comparatively unprotected VHF 150 MHz system, which makes it possible to spoof “radio-stop” instructions.

Keep informed about the latest Cyber Security News by following us on Google NewsLinkedinTwitter, and Facebook.


Latest articles

Critical Cellopoint Secure Email Gateway Flaw Let Attackers Execute Arbitrary Code

A critical vulnerability has been discovered in the Cellopoint Secure Email Gateway, identified as...

Singapore Banks to Phase out OTPs for Bank Account Logins Within 3 Months

The Monetary Authority of Singapore (MAS) and The Association of Banks in Singapore (ABS)...

GuardZoo Android Malware Attacking military personnel via WhatsApp To Steal Sensitive Data

A Houthi-aligned group has been deploying Android surveillanceware called GuardZoo since October 2019 to...

ViperSoftX Weaponizing AutoIt & CLR For Stealthy PowerShell Execution

ViperSoftX is an advanced malware that has become more complicated since its recognition in...

Malicious NuGet Campaign Tricking Developers To Inject Malicious Code

Hackers often target NuGet as it's a popular package manager for .NET, which developers...

Akira Ransomware Attacking Airline Industry With Legitimate Tools

Airlines often become the target of hackers as they contain sensitive personal and financial...

DarkGate Malware Exploiting Excel Files And SMB File Shares

DarkGate, a Malware-as-a-Service (MaaS) platform, experienced a surge in activity since September 2023, employing...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles