Hackers Disruptred Poland’s Railway System Signals

Poland’s Railway infrastructure, a crucial transit route for Western weapons transported to Ukraine, has been compromised by cybercriminals.

The signals were intermingled with recordings of the Russian national anthem and a speech by President Vladimir Putin, according to the Polish Press Agency (PAP).

According to the information shared, the incident occurred on Saturday when hackers sent a signal that caused emergency train stops close to Szczecin, Poland. About 20 trains came to a complete stop, but services were soon resumed.

“We know that for some months there have been attempts to destabilize the Polish state,” Stanislaw Zaryn, a senior security official, said. 

“Such attempts have been undertaken by the Russian Federation in conjunction with Belarus.”

Criminals Instructed The Trains Via Radio Frequency

The “cyberattack” doesn’t appear to have involved any “cyber” at all, despite how disruptive the railway sabotage has been, claims Lukasz Olejnik, a Polish-speaking independent cybersecurity researcher and consultant.

In reality, the criminals seem to have instructed the trains they targeted with straightforward radio frequency “radio-stop” commands.

Olejnik claims that since the trains use a radio system that does not have encryption or authentication for those commands, anyone with as little as $30 in common radio equipment can transmit the command to Poland’s Railway.

Further, they activate their emergency stop function by sending a series of three acoustic tones at a frequency of 150.100 megahertz.

“It is three tonal messages sent consecutively. Once the radio equipment receives it, the locomotive goes to a halt,” Olejnik says.

In Polish radio and railway forums as well as on YouTube, the capability to send the command has long been discussed.

“Everybody could do this. Even teenagers trolling. The frequencies are known. The tones are known. The equipment is cheap”, he added.

The proximity of the saboteurs to the target trains, which might range from a few hundred feet to several miles, depending on the strength of the radio equipment they would be using to cause disruption.

“It is really a cheap operation. The biggest risk is the need to be in proximity”, Olejnik said.

According to a statement from the railways, the train delays were caused by ‘unauthorized broadcasting of the radio-stop signal’ that was transmitted “using a radiotelephone by an unknown perpetrator.”

“There is no threat to rail passengers. The result of this event is only difficulties in the running of trains”, the Railway Agency wrote.

By 2025, Poland’s Railway systems will be upgraded to almost entirely employ GSM cellular radios, which feature encryption and authentication, according to the country’s national transportation agency. 

However, as long as that point, it will continue to operate on the comparatively unprotected VHF 150 MHz system, which makes it possible to spoof “radio-stop” instructions.

Keep informed about the latest Cyber Security News by following us on Google News, Linkedin, Twitter, and Facebook.