Hacking the Subway. Predictions and Real Cases


Several months ago, the Seoul subway was hacked using some sort of malware.

Fortunately for everyone, and especially for the South Korean government, 213 computers of the Seoul subway did not contain any sensitive information except HR and internal planning-related documentation. However, the hackers stole 12 documents with the abovementioned content.

Actually, this post is not dedicated to the hack of the subway in Seoul. In this post we will try to explain how important security is for such a huge mechanism as the subway, what may happen in case of a hack, and what other known hacks have occurred before.

In one of our previous posts we described what cyber war is and what could happen if it started. Hacking the subway is a perfect weapon in a cyber war, and security for such complicated systems is a main part of modern development. The subway typically includes several separate networks that are not interconnected, such as the service network and the administrative network. The first one is encrypted and extra secured. At the same time, it is not connected to the global Internet and is operated internally by management staff. Such a structure helps to avoid the leakage of sensitive and strategic information. Moreover, it helps different sectors of the subway to work properly without affecting each other.

Unfortunately, the countries that care about subway security can be counted on one's fingers. The main reason for this is a lack of modern equipment to develop security properly. As a result, disrupting traffic is as simple as hacking a local home network. In the worst-case scenario, a hack may cause an accident and even a ransom demand.

A well-known case happened in Kiev, Ukraine, when hackers compromised the digital screens in the subway cars and displayed a photo of the famous ‘miss me’ scene from BBC’s Sherlock. The subway management still has no idea what happened and who hacked them. Almost the same thing happened in the Moscow subway, when, after connecting to the Wi-Fi network, users saw the ISIS flag with the title “Paris was yesterday, Moscow is today” appear on the screen.

Today, the most popular target for cyber attacks is likely the turnstile system with its access cards. The daily ridership of the New York subway is more than 5,000,000 people, and the number of hackers is growing.

We still don’t know of any massive subway cyber attack with victims. However, considering the rise of the conflict between ISIS and the world’s leading countries, subway operators must consider the risk of being hacked. Radio subsystems are obviously more exposed, especially in ISM bands. In 2012, the Shenzhen CBTC system in China was reportedly jammed and the railway authorities interrupted 3G services for a day [11, 16].