CyberRail–putting a stop to cyber-attacks

Danger lurks on the information highway just as it does in real life, with traffic jams, accidents, unauthorised intrusions, criminal attacks and other risks. From power plants to hospitals, air traffic control systems to rail networks, a country’s critical infrastructure (or essential operators) has to be prepared to deal with cyber threats. For railways in particular, cyber security is an issue of increasing importance.

The awareness about potential new cyber threats is crucial. Railway networks and operators have a deeply ingrained culture of safety. However they must be ready to face new security risks in order to protect their systems from the external threats, including criminal activities.

Using operational control systems, modern railway systems have electronic interlocking, radio-based signalling systems and the specially developed GSM-R mobile communications standard with highly specific signalling infrastructures that are difficult for cyber criminals to access. But these complex technologies only work because they are integrated into internet-based data communication networks and therefore run on corresponding servers like any other application. This is where experts see a risk of attacks and interventions by unauthorised users and it is not just a hypothetical danger. Nextgov, the governmental-affiliated American technology newsletter, reported that intruders may have manipulated railway signals in the northwest of the United States in December 2011. Although the incident did not have a dramatic impact, it nevertheless revealed the vulnerability of IT-based technology.

Profound vulnerability analysis: Thales CyberRail provides the possibility to depict vulnerability relationships between the systems and to granulate them based on a weighting of the risks.

Search tab: Thales CyberRail offers the possibility to scan all log data, detect abnormalities, set thresholds and individually define how search results are graphically depicted.

In order to address these risks, Thales developed CyberRail, a monitoring solution for network security. CyberRail can detect, visualise, analyse and provide a timely response to the threats and attacks that railway systems are subject to. The system’s sensors automatically track huge volumes of data transmitted over internal railway systems, collecting critical information about abnormal events. In the event of an attack, the operator can instantly identify the type and location of the incident on their screen and initiate predefined countermeasures. Thales CyberRail not only prevents imminent hazards, but constantly analyses operational data in order to provide an overall picture of potential weaknesses in the IT workflows of critical infrastructure organisations. Based on risk analyses conducted jointly with customers, Thales offers comprehensive security solutions to help completely stop the threat of potential cyber-attacks.