Cyber threats in rail industry to worsen, warn experts

Legacy components in system will exacerbate problem, says panel

Cyber security threats to rail operations are a pressing issue that will get more serious, a panel of experts said yesterday.

These threats, which are exacerbated by issues such as legacy components in the transport system, will need to be addressed to safeguard the safety of commuters on trains, said the panel, which included the Land Transport Authority's (LTA) chief information security officer Huang Shao Fei.

Mr Huang, with SBS Transit's head of rail development Jeffrey Sim and Thales' cyber security expert for transport Benoit Bruyere, was speaking at a panel discussion on cyber security for rail at the Intelligent Transport Systems World Congress yesterday.

Thales, a French technology company, supplies the signalling system for the North-South Line and East-West Line in Singapore.

The experts' comments come in the light of Transport Minister Khaw Boon Wan's call for more attention to cyber security in intelligent transport systems.

LTA's Mr Huang noted that transport systems, especially older ones, were not designed for digitalisation.

He added: "If you look at how (the cyber threat to rail operations) is evolving, it is going to become even more nefarious, more serious."

He did not say whether such attacks have happened on Singapore's rail system.

But he noted that another concern was with the supply chain in train systems, given that suppliers sometimes depend on other firms to manufacture parts in their products. It is difficult to determine the security of these components, he said.

According to The Cyberthreat Handbook by Thales and cyber intelligence firm Verint that was published earlier this month for cyber security stakeholders, the transport sector is the fourth most targeted sector by cyber attackers, behind sectors such as finance.

SBS' Mr Sim said that beyond defending against cyber attacks, operators will have to prepare to respond to successful attacks.

"Looking at an issue from a cyber security perspective is totally different from looking at it from a system fault perspective," he said.

Experts at the congress discussed the security backlash that might come with advances in transport technology.

They warned that smart vehicles linked to transport infrastructure are another node in interconnected systems that bad actors or cyber attackers can physically access.

Instead of trying to enter a network through malicious software or other established cyber attack methods such as phishing, criminals can enter networks illegally from these vehicles.

Mr Ziv Levi, chief executive of transport cyber security firm Arilou Technologies, said "unlike an internal organisation network or cloud services, where you assume somebody needs to hack something remotely, in the case of the automotive environment, in many cases, somebody can just buy a car... and he's immediately part of your network".

He added that teams designing systems in the transport field need to always assume bad actors have access to all the data they need to enter their networks, and design them with security in mind.

But the experts agreed that it is impossible to guarantee a system will not be breached. Instead, governments, companies and other stakeholders should invest in ways to reduce and manage that risk.

Mr Josh Johnson, director of the critical systems department at American research organisation Southwest Research Institute, said: "It is about picking the low-hanging fruit, doing a risk assessment on the most critical risks and vulnerabilities, and addressing those."

Join ST's Telegram channel and get the latest breaking news delivered to you.

A version of this article appeared in the print edition of The Straits Times on October 23, 2019, with the headline Cyber threats in rail industry to worsen, warn experts. Subscribe