'Flight shaming' movement shines spotlight on rail cybersecurity

Posted on November 19, 2019 by Amir Levintal - Also by this author

In a recent survey, US and European travelers claimed to have cut back on flights in the past year due to environmental concerns.  J.Starcic/METRO Magazine

With airline travel in the crosshairs of environmental proponents, the "flight shaming" movement is just taking off, but it’s already making an impact. In a recent survey of over 6,000 US and European travelers, 21% claimed to have cut back on flights in the past year due to environmental concerns.

Though the initiative has airlines rightly concerned, the movement’s accelerating success does have the potential to be a major boon for other modes of transportation — in particular, the railways.

'Flight Shaming' Takes Off — Rail Reaps Rewards
Trains have always been the greener option, but in recent years, the industry has doubled down on its embrace of climate-conscious tech including solar, electric and hydrogen high-speed technologies, making trains an even greener alternative.
Governments are getting on board as well. Germany recently announced plans to nearly double taxes on short-haul flights, while at the same time cutting the tariffs on train tickets by more than half. At the same time, Austria’s state railway placed an order for 13 new sleeper cars to meet the growing demand for overnight rail as a replacement to air travel. In Hong Kong, Cathay Pacific may face stiff competition from a newly completed high-speed rail link to the mainland.

While digital advancements keep the trains running on time and make train travel more streamlined, comfortable and enjoyable, they also have a potential downside: a plethora of new cyber risks.

Railway Cyber Threats Still Loom Large
This growing focus on train travel comes exactly as railways become increasingly modernized by adopting an array of connected technologies, enhancing aging legacy signaling systems and improving efficiency and customer service. However, while these digital advancements keep the trains running on time and make train travel more streamlined, comfortable and enjoyable for an ever-growing number of passengers, they also have a potential downside: a plethora of new cyber risks.

Indeed, the rail industry has already weathered its share of cyber scares. Though none resulted in major or lasting damage, these close calls have hinted at the possible risks. In January 2018, the Ontario railway Metrolinx was forced to act quickly in order to thwart a reported cyber-attack originating in North Korea. Between 2015 and 2016, it was reported that the UK’s national rail system fended off numerous intrusions by hackers exploring its vulnerabilities. In 2017, during the devastating WannaCry ransomware attacks, Deutsche Bahn’s scheduling and information systems were “thrown into chaos” according to reports. Several other high-profile attacks on railways and metros have also made the headlines, from San Francisco and beyond, rightfully causing rail executives concern.Railways’ rapid adoption of more automated, connected and wireless technologies increasingly exposes critical assets to the threat of cyber-attacks. Control systems, remote monitoring and maintenance and even passenger WiFi can all offer would-be hackers a potential foothold to breach the network. Such attacks carry the potential to threaten passenger safety, disrupt service, and cause severe economic and reputational damage.

Transport for London's Hammersmith & City line train at King's Cross.
TfL
Transport for London's Hammersmith & City line train at King's Cross.
TfL
Just a Few Transit Hacks Could Derail Progress
While rail has yet to experience a full-scale cyber-attack, the threat of such attacks is only rising. Worrying? One only has to look at analyses in the wake of high-profile transportation disasters to fully grasp even less obvious ramifications of the threat. For example, a study of the aftermath of New York’s tragic 9/11 airline hijackings identified a sudden and pronounced ridership dip in US air travel. The study also observed a corresponding rise in deaths for months following the tragic incident from automobile accidents. In the wake of a major railway cyber-attack, would-be rail passengers might opt for transportation options that feel safer, but actually pose much greater risks.

Cybersecurity actually enables digitalization in rail to meet its full potential, allowing passengers to enjoy all the upgraded, digitized, connected services that come with modern train travel such as WiFi, public transportation apps and more.

Railway Cybersecurity is Imperative
To protect both the environment and passengers, maintaining the present stellar reputation of rail as safe and eco-friendly is imperative.

That means, among other steps, fortifying and improving railway cybersecurity. Because until railway cybersecurity can be guaranteed, the current trend of digitalization in rail, as well as its popular and public support, could be stopped in its tracks by just a few cyber incidents. Indeed, cybersecurity actually enables digitalization in rail to meet its full potential, allowing passengers to enjoy all the upgraded, digitized, connected services that come with modern train travel such as WiFi, public transportation apps and more. Luckily, both private and public sector stakeholders are beginning to grasp the scope of the issue.

Transport for London's North Ticket Hall at Victoria Station.
TfL
Transport for London's North Ticket Hall at Victoria Station.
TfL
The United Kingdom announced soon after the EU directive that organizations providing critical services like transport that fail to enforce strong cyber safeguards of their own could face fines in the tens of millions of pounds. Across the pond in the United States, the Transportation Security Administration (TSA) has spearheaded initiatives to share information on cybersecurity with smaller rail operators on the frontlines.At the vanguard of these efforts are lawmakers in the European Union. Recent regulations like the EU’s Network & Information Security (NIS) Directive mandate comprehensive cyber protections, stipulating steep fines for rail operators lacking compliance. EU member states were given until May of last year to use the directive to pen nationwide regulations and protocols for achieving “a high common level of security of network and information systems.”

With the world clamoring for both safe and sustainable options for travel, rail is perfectly poised to deliver. Yet, doing so also means addressing critical issues such as cybersecurity. Securing railways against the mounting threat of cyber-attacks not only promises to save passengers’ lives — but to bolster the efforts to save our environment as well.

Amir Levintal is the CEO of Cylus, a global leader in rail and metro cybersecurity.

View comments or post a comment on this story. (0 Comments)

More Transit Dispatches Blog Posts

December 10, 2019

Tips for integrating/merging public transit systems

The City of Poughkeepsie worked with Duchess County to consolidate their two transit systems. What were the lessons learned?

December 5, 2019

Flying taxis could transform our cities if we set the right rules

Might Urban Aerial Mobility be the key to reducing congestion, removing people and packages off roads?

December 4, 2019

Why public transit needs accessibility advocates

It seems that transit has a love-hate relationship with advocates, and many disability community advocates feel the same way about transit. 

December 3, 2019

A transit employer’s duty to bargain over automation: Introduction

Three types of labor laws govern transit employment: NLRA, the RLA or state-specific public sector collective-bargaining statutes. 

November 26, 2019

Agencies must step up to achieve transportation equity

In the course of researching my book Better Buses, Better Cities, I was proud to see agencies taking the challenge head on.

See More

Post a Comment

Post Comment

Comments (0)

More From The World's Largest Fleet Publisher

Automotive Fleet

The Car and truck fleet and leasing management magazine

Business Fleet

managing 10-50 company vehicles

Fleet Financials

Executive vehicle management

Government Fleet

managing public sector vehicles & equipment

TruckingInfo.com

THE COMMERCIAL TRUCK INDUSTRY’S MOST IN-DEPTH INFORMATION SOURCE

Work Truck Magazine

The number 1 resource for vocational truck fleets

Schoolbus Fleet

Serving school transportation professionals in the U.S. and Canada

LCT Magazine

Global Resource For Limousine and Bus Transportation