Mobility-as-a-service (MaaS) companies that offer on-demand transportation alternatives to private vehicles have proliferated in recent years. These range from ride-hailing services like Uber to micro-mobility platforms like the electric scooter company, Bird. Global MaaS revenues are expected to exceed $1 trillion by 2030, disrupting the entire transportation industry and fostering a competitive ecosystem of dynamic transportation marketplaces. And as the global population rapidly urbanizes, MaaS companies will compete more and more with public transit for riders.
But don’t count out public transportation just yet. For billions of people around the globe, public transit is an essential element of daily life, with railways serving as the backbone of these public transportation systems across the globe. From the New York City Subway to the Shanghai Metro, rail is often the fastest and most convenient transportation method for commuters worldwide. And with 68% of the global population set to live in urban areas by 2050, its importance to billions of commuters worldwide will likely grow in the coming decades.
To succeed in this increasingly competitive mobility landscape, public transportation in general and trains specifically must meet modern demands for efficient, advanced, on-demand service. Indeed, rail systems today are undergoing rapid digitization and adopting more automated, wireless, and connected technologies, both trackside and onboard.
The advantages are manifold: Investing in modernizing rail transit systems is both environmentally and economically beneficial. Transportation is the largest source of U.S. emissions, and rail transit assists in reducing road congestion and curbing CO2 emissions in the face of climate change. Further, rail transit systems help maximize economic productivity. Reliable service ensures employees arrive to work on time, alleviates the stress of bumper-to-bumper commutes, and allows commuters to work on-the-go with Wi-Fi equipped trains. When public transportation systems and last mile Mobility-as-a-Service are combined, the enormous benefits are magnified. Take a train to the city, a subway to work, and jump on a scooter from the station to your office. No cars, no congestion, no smog.
But these technological advancements are not without a cost, most notably greater cyber risk. The more our train and subway systems are connected, the greater the number of ways hackers have to penetrate them in order to wreak their unique brand of havoc. What’s more, as urban commuters increasingly rely upon improved public transportation, these systems will become even more attractive as targets for bad actors — due to the tremendous damage such hacks can have on the economy and public safety.
This is no futuristic, dystopian scenario: Railways and metro systems have already been subjected to cyber-attacks. In 2008, a 14-year old Polish hacker used a television remote control to manipulate the Lodz tram network, derailing four tram cars and injuring 12 passengers. In 2016, the British transport system experienced 4 cyber-attacks in just one year, with cybercriminals hacking into computer networks, message boards, and individual trains. Though none of these four incidents caused physical damage or injury, hackers’ ability to access these systems points to a serious public safety threat. And accounts of grave security breaches continue to mount. This past March, IT security professionals discovered hackers selling access to a Chinese rail system on the dark web that would have enabled the buyer to virtually manipulate the train control system. This is why it is more critical now than ever that cities and transportation agencies invest in cybersecurity measures to protect citizens and commuters.
Public transportation needs to implement customized cybersecurity solutions that are built from the ground up, tailored to the specific needs of each system. Too often, cybersecurity solutions are offered as a one-size fits all package, ignoring the intricacies of individual transit systems and exposing them to greater risk. Railways need protective mechanisms suited to the industry’s unique needs.
Making the problem even more complicated is the fact that today’s rail systems often combine legacy technology, with life-cycles of up to 30 years, with advanced components. Furthermore, most of the aged legacy components were never designed with cybersecurity in mind, to begin with. This is precisely why railways require solutions suited for the digital age.
An effective cybersecurity solution for rail systems will provide real-time alerts and constant monitoring, offering rail operators full visibility into their systems and the ability to address potential threats quickly. Continuous threat detection must be complemented by actionable insights, allowing rail operators, who are not necessarily native speakers of cybersecurity, to review alerts and implement next steps.
As mobility grows increasingly competitive, urban public transportation must not only be efficient and reliable, it must also remain secure. This can be achieved by continuing to make cybersecurity a priority. Otherwise, despite its advantages to commuters, the environment and the economy, public transit’s appeal will soon have run its course.
Amir Levintal is the co-founder and CEO of Cylus a cybersecurity solutions provider.