Rail Engineer - Issue 189 - March-April 2021

Page 84

84

FEATURE

CLIVE KESSELL

CYBER SECURITY

M

uch continues to be written about cyber security, the threats that exist and the precautionary measures that should be taken. The problem is very real and cyber-attacks take many forms, ranging from critical systems being disabled with implications for safety, through to ransom attacks that demand monetary payments for service to be restored, down to the nerd in the bedroom who finds it fun to use his/her knowledge to get into networks which are supposed to be secure.

Rail Engineer | Issue 189 | Mar-Apr 2021

The rail industry is diverse and cyber intrusions have been noticed in many disciplines. A recent talk given to the Institution of Railway Signal Engineers by Alzbeta Helienek (known as Betty) and Mathijs Arends, both from Ricardo Rail based in Holland, explained a means of making cyber security more understandable to people who need to make decisions on what to do. Betty also sits on the UK Cyber Security Council so has much wider experience than just the railway and signalling industry.

Cyber security and rail An opening remark by the IRSE President was salutary; in 1963, the then British Rail experienced the Great Train Robbery, where a mail train from Glasgow to London was ambushed en route with several million pounds being stolen. To stop the train, the gang false-fed a signal to red, having gained some insider knowledge. The incident was reported worldwide and has achieved an element of notoriety. In those days, IT had barely been invented, but it demonstrates what can be achieved by those with intent on malice. PHOTO: SOLARSEVEN

At best it is inconvenient; at worst it can put an entire business at risk. Even now, there is a casual attitude to the threats by some businesses, with a few still believing “it can’t happen to us”. They are wrong, as the correct thinking is “it will happen to us, we just don’t know when or in what form”. Part of the problem is that preventative measures cost money and senior management has a reluctance to spend that money on things they don’t properly understand. Instead, the cyber security situation is often addressed by in-house IT experts who produce information documents, written in IT-speak that further baffles the directors. A means of making it all simpler would be to the benefit of all.

PHOTO: RIDVAN CELIK

Understanding

Turn static files into dynamic content formats.

Create a flipbook

Articles inside

Freight during the pandemic

13min
pages 92-100

The safeguarding challenge

9min
pages 87-89

Monitoring cyber security

2min
pages 90-91

Understanding cyber security

10min
pages 84-86

Controlling Docklands’ traction

8min
pages 78-83

A question of confidence

7min
pages 74-77

ERTMS on the East Coast Main Line

14min
pages 68-73

Rail 5G - private or public networks?

7min
pages 64-67

62Crewe Basford Hall and Independent Lines resignalling

12min
pages 60-63

Midland Main Line revisited

8min
pages 52-55

Rail repairs with ultra-fast solutions

5min
pages 44-45

A bridge too far

12min
pages 46-51

The big push

25min
pages 16-29

Resilience by design

12min
pages 36-39

Rail infrastructure strategy and vision

11min
pages 30-35

Specialists in structural precast for railways

5min
pages 40-43

Getting projects right

14min
pages 10-15

Notices

6min
pages 6-9
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.