Hackers can use just a radio to cause train accidents in US, CISA explains how

Time of India, 5 days ago
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a key train system in the US. The warning specifically concerns the End-of-Train and Head-of-Train protocol, which the agency claims could be hacked using only a radio. This vulnerability stems from the system's lack of encryption and authentication protocols. The flaw involves the communication between a Flashing Rear End Device (FRED), or End-of-Train (EOT) device, attached to the back of a train, and a corresponding Head-of-Train (HOT) device in the locomotive. Installed in the 1980s to replace caboose cars, these devices can transmit data via radio signals, where commands can also be sent to the FRED to apply brakes at the rear of the train.
The current system is dependent on data packets with a simple BCH checksum for error detection. However, CISA is now warning that a person using a software-defined radio could potentially send fake data packets, which would allow them to interfere with train operations.
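Why an error-detecting code alone cannot stop injected packets, as an added example that is not from the article or the CISA advisory: a keyless checksum accepts any well-formed frame, while a keyed tag with a counter rejects frames from senders without the key and replays. The BCH(15,7) generator, the 5-byte frame layout, the key and the `AuthReceiver` class are assumptions for illustration, not the real EoT/HoT packet format.

```python
import hashlib, hmac, struct

# Textbook BCH(15,7) generator x^8+x^7+x^6+x^4+1: a toy stand-in (assumption),
# NOT the real EoT/HoT code parameters or packet layout.
BCH_GEN = 0b111010001
TAG_LEN = 8                      # truncated HMAC-SHA256 tag length (assumption)
KEY = b"constructed-demo-key"    # constructed sample key

def bch_parity(data7: int) -> int:
    """8 parity bits: remainder of data7 * x^8 divided by BCH_GEN over GF(2)."""
    reg = (data7 & 0x7F) << 8
    for bit in range(14, 7, -1):
        if reg & (1 << bit):
            reg ^= BCH_GEN << (bit - 8)
    return reg & 0xFF

def encode_checksum(data7: int) -> int:
    return ((data7 & 0x7F) << 8) | bch_parity(data7)

def accept_checksum(codeword: int) -> bool:
    # No secret involved: any sender that knows the public code passes this.
    return bch_parity(codeword >> 8) == (codeword & 0xFF)

def seal(key: bytes, counter: int, cmd: int) -> bytes:
    body = struct.pack(">IB", counter, cmd)
    return body + hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]

class AuthReceiver:
    """Hypothetical receiver: keyed tag plus strictly increasing counter."""
    def __init__(self, key: bytes):
        self.key, self.last_counter = key, -1

    def accept(self, frame: bytes) -> bool:
        if len(frame) != 5 + TAG_LEN:
            return False
        body, tag = frame[:5], frame[5:]
        good = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, good):
            return False         # sender does not hold the key
        counter = struct.unpack(">IB", body)[0]
        if counter <= self.last_counter:
            return False         # replayed or stale frame
        self.last_counter = counter
        return True

def demo() -> tuple:
    rx = AuthReceiver(KEY)
    genuine = seal(KEY, 1, 0x55)
    # genuine frame, replay of the same frame, frame sealed under another key
    return rx.accept(genuine), rx.accept(genuine), rx.accept(seal(b"other", 2, 0x55))
```

The checksum still does its original job of catching transmission noise; what it cannot do is tell one sender from another.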
What CISA said about this train system vulnerability
In its advisory, CISA wrote:
'Successful exploitation of this vulnerability could allow an attacker to send their own brake control commands to the end-of-train device, causing a sudden stoppage of the train, which may lead to a disruption of operations, or induce brake failure.'
What researchers said about this train system's vulnerability
CISA credited researchers Neil Smith and Eric Reuter for reporting this vulnerability. Moreover, in a post shared on the social media platform X (formerly Twitter), Smith said that he had first alerted the agency's predecessor, ICS-CERT, back in 2012 and that no action was taken at the time.
In his X post, Smith wrote:
'So how bad is this? You could remotely take control over a Train's brake controller from a very long distance away, using hardware that costs sub $500. You could induce brake failure leading to derailments or you could shutdown the entire national railway system.'
However, Smith noted that efforts to address the flaw stalled between 2012 and 2016 because of a disagreement between ICS-CERT and the Association of American Railroads (AAR), as the latter considered the risk too theoretical without real-world proof.
When Smith raised the issue again in 2024, AAR still downplayed its importance, though it later announced plans to upgrade the outdated system in 2026.
Related Articles

Suits & Sayings: Word Play
Time of India, an hour ago

Amid rampant speculation over a potential deal involving mega investments in this relatively young and rising financial services firm coming undone, there was increased chatter about cracks in a longstanding friendship between the key principals of the transaction. The target company's stock took a beating and the guessing game didn't spare the CEO either. But it turns out that the deal is on track and a revised proposal will be presented to shareholders at the upcoming AGM at the end of the month. Some had previously rejected the plan because it conferred permanent decision-making rights on one of the two new investors besides calling for amendment of the articles of association. The word 'permanent' will be dropped and the articles will remain unchanged. Instead, a board seat on nomination basis is being proposed. The other members will be able to invite the investor's solo representative to join key committees. With most regulatory approvals in place, save one, this much-needed capital boost should be able to sail through. You can bank on this one! 

Microsoft looks to boost AI performance in European languages
Time of India, 2 hours ago

Paris: US tech behemoth Microsoft is investing millions of dollars to funnel more European-language data into AI development, company president Brad Smith told AFP Monday. With today's leading AI models mostly trained on material in English, "the survival of these languages and the health of these cultures is quite literally at stake" without a course correction, Smith said in an interview. AI models are "less capable when it is in a language that has insufficient data," he added -- which could push more users to switch to English even when it is not their native language.
Microsoft will from September set up research units in the eastern French city Strasbourg to "help expand the availability of multilingual data for AI development" in at least 10 of the European Union's 24 languages, including Estonian and Greek. The work will include digitising books and recording hundreds of hours of audio. "This isn't about creating data for Microsoft to own. It is about creating data for the public to be able to use," Smith said, adding that the information would be shared on an open-source basis.
The US-based company has in recent months striven to position itself as especially compatible with a gathering political push for European technological sovereignty. Leaders in the bloc have grown increasingly nervous at their dependency on US tech firms and infrastructure since Donald Trump's reelection to the White House. In June, Microsoft said it was stepping up cooperation with European governments on cybersecurity and announced new "data sovereignty" measures for its data centers on the continent. Smith said that Monday's announcement was just the latest evidence of the company's commitment to Europe.
Most leading AI firms are American or Chinese, although Europe has some standouts like France's Mistral or Franco-American platform Hugging Face. Away from Microsoft, some European initiatives such as TildeLM are pushing to develop local-language AI models.
The Windows and Office developer also said Monday that it was working on a digital recreation of Paris' Notre-Dame cathedral that it plans to gift to the French state, as well as digitising items from the country's BNF national library and Decorative Arts Museum.

Explained: 10000-plus companies at risk and …, what makes the Microsoft SharePoint attack very dangerous right now
Time of India, 3 hours ago

Microsoft is scrambling to contain a widespread cyberattack targeting SharePoint servers worldwide, with cybersecurity experts warning that over 10,000 companies could be at risk. The software giant confirmed that hackers are actively exploiting previously unknown security flaws in on-premises SharePoint servers used by government agencies, universities, and major corporations to share internal documents. The Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to its Known Exploited Vulnerability catalog on Saturday, giving federal agencies just one day to apply patches once they become available.
"These exploits are real, in-the-wild, and pose a serious threat," warned Palo Alto Networks, while Google's Threat Intelligence Group confirmed observing active exploitation attempts. Dutch cybersecurity firm Eye Security first detected the attacks on July 18th and reports that at least 85 SharePoint servers across 54 organizations have already been compromised. Among the victims are a California university, energy companies, federal health organizations, and government entities in Florida and New York.
Microsoft Sharepoint's zero-day exploits leave tens and thousands of organisations vulnerable
The attack leverages what's known as a "zero-day" vulnerability – a security flaw unknown to software makers until it's actively exploited by hackers. Cybersecurity researchers estimate that over 10,000 companies with SharePoint servers are potentially at risk, with the United States, Netherlands, United Kingdom, and Canada having the highest concentrations of vulnerable systems. "It's a dream for ransomware operators, and a lot of attackers are going to be working this weekend as well," said Silas Cutler, a researcher at Michigan-based Censys.
The vulnerability allows hackers to access file systems, steal sensitive configurations, and execute malicious code across networks without authentication. The attackers are using a technique called "ToolShell" that was originally demonstrated at the Pwn2Own security conference. They upload malicious files to steal critical server keys, then use these stolen credentials to create valid access tokens that bypass security measures entirely.
Government agencies among primary targets in Microsoft Sharepoint attack
Federal and state agencies appear to be prime targets in this campaign, with the FBI confirming it's "aware of the matter" and working with government and private sector partners to assess the threat. The Washington Post reported that the breach has affected multiple U.S. agencies, though specific details remain classified for security reasons. CISA's Acting Executive Assistant Director for Cybersecurity Chris Butera emphasized the urgency: "Microsoft is responding quickly, and we are working with the company to help notify potentially impacted entities about recommended mitigations. CISA encourages all organizations with on-premise Microsoft SharePoint servers to take immediate recommended action." Organizations can detect if they've been compromised by checking for suspicious files named " on their servers or unusual network activity from specific IP addresses that security firms have identified as attack sources.
Microsoft releases emergency updates
Microsoft has released emergency security updates for SharePoint 2019 and Subscription Edition servers, with a patch for SharePoint 2016 expected soon. The company recommends that organizations unable to immediately apply updates should disconnect their SharePoint servers from the internet until patches can be installed. For additional protection, Microsoft advises enabling its Antimalware Scan Interface (AMSI) feature and deploying Windows Defender Antivirus on all SharePoint servers. Organizations should also rotate their server security keys after applying patches to prevent further unauthorized access. This incident adds to Microsoft's recent cybersecurity challenges, including Chinese hacker attacks earlier this year and criticism from the White House's Cyber Safety Review Board, which called the company's security culture "inadequate" following previous breaches.
