Railway cyber-security enhanced by multi-layer approach

News18 Jan 2019Rail
Railway cyber-security enhanced by multi-layer approach
Today, no organisation is safe from cyber-attack. Threats to businesses are becoming more complex and evolving rapidly. As railways are becoming increasingly dependent on digitalisation, with Internet Protocol (IP) used for devices like CCTV cameras and mission critical applications for train control systems, they also need to ensure that they are protected by implementing robust cyber-security.
In order to make the most of ‘big data’, rail networks are naturally becoming more open and interconnected. Yet control engineers are ‘tempted to stick with traditional closed networks to maintain security’, although closed networks are not without risk, and many of the benefits associated with modern IP communications networks would then be overlooked.

According to Rail Engineer, traditional serial based communications networks are almost ‘impossible to procure, support and change’, and have always been vulnerable to attacks.

They report that, in some rail enterprise networks:

•    every 4 seconds - an unknown malware is downloaded
•    every 53 seconds – a bot communicates with its command and control centre
•    every 81 seconds – a known malware is downloaded
•    every 4 minutes -  a high risk application used
•    and every 32 minutes – sensitive data is sent outside the organisation

So now that security agencies throughout the world recognise the risks of cyber-security breaches, this highlights the necessity for robust cyber-security policies. Consequently, railway security needs to step up with a multi-layered active security approach, balancing the costs with the thorough protection needed to protect against modern security threats.  

Advantages of a multi-layered approach:

Automation: Automating incident responses means that daily alerts will not overwhelm the defences. Security automation that is up to date with business processes and regulations will keep up with the predicted rapid rise in attacks.

Promoting end-to end security: implementing security that encompasses the entire network, ensures that its security process including asset management and network security as well as security management for IoT devices.

Threats are confined with network segmentation and firewall: Providing traffic isolation and obstructing lateral movement of hackers as they scout the network.

Analytics for improvement: Security analytics correlates data from the entire network including devices and the cloud to identify and report on suspicious activity.

Multi-layer encryption protects data: Meaning that even is a threat should occur, the communication channels, confidentiality, integrity and authenticity are all still protected.

IP based networks: According to Rail Engineer ‘effective cybersecurity is essential for the safe adoption of new IP-based applications for train traffic control, traffic management, maintenance, monitoring, video protection and passenger information systems’. Cyber-security incidents could end up costing rail operators in many different ways, and not just from the loss incurred by disrupted services, but for restoration and recovery costs, lawsuits, brand reputation, and even compensation and penalties.
In order to achieve mission-critical security standards that address rail industry vulnerabilities, rail networks must act quickly to deliver network reliability, performance and scalability that will defend against inevitable security threats and attacks.

Related links

Get in touch
Our technical sales team are ready to answer your questions.
T: +44 (0)1782 337 800 • E: sales@impulse-embedded.co.uk
+44(0)1782 337 800
WE'RE HIRING!If you are looking for a new and exciting challenge please take a look at our recruitment page
Richard B.
Given we're in the middle of a global components shortage, the team at Impulse have gone out of their way to ensure our strict supply requirements are met. To this day, Impulse remain to be a cornerstone supplier and partner for our business.
Sep 2021
+44(0)1782 337 800
MediaNewsRailway cyber-security enhanced by multi-layer app...