Exclusive:Scottish rail network 'wholly unequipped' for digital world amid 'Nightsleeper' cyber attack fears

Network Rail admits some of its communications technology is ‘not that secure’ amid concerns over a Nightsleeper-style cyber security threat

Scotland's rail network is "wholly unequipped" for the transition from mechanical to digitally-controlled signalling amid a "very big threat" to cyber security highlighted by the BBC drama Nightsleeper, Network Rail officials have warned.

The concerns were raised at an industry conference following a cyber security attack in September on Transport for London (TfL), which runs trains, tubes and buses in the city, that Network Rail said had “absolutely devastated” its systems.

Hide Ad
Hide Ad

The attack, from which TfL is still recovering, forced it to suspend multiple services such as passengers’ payment channels and is reported to have cost more than £30 million.

Security officials detected suspicious activity and shut down systems as they feared a ransomware attack, according to Computer Weekly.

UK rail minister Lord Hendy told the House of Commons' transport committee in December: "The cyber attack on TfL is very serious and has been going on for a very long time.”

Also in September, Glasgow Central and Edinburgh Waverley were among stations operated by Network Rail that were hit by a cyber attack in which the wifi landing page was replaced with messaging about terror attacks.

Hide Ad
Hide Ad

Nightsleeper, in which an overnight train is taken over and controlled remotely by hackers, has been dismissed by rail chiefs as fiction, but the potential threat has sparked worries within Network Rail.

The BBC drama Nightsleeper featured passengers trapped on a train from Glasgow controlled by hackers The BBC drama Nightsleeper featured passengers trapped on a train from Glasgow controlled by hackers
The BBC drama Nightsleeper featured passengers trapped on a train from Glasgow controlled by hackers | BBC

Lynsey Hunter, who is in charge of signalling in Scotland for the UK government body that runs the rail network, told a Rail Industry Association conference at the University of Strathclyde in Glasgow: "My discipline is moving from mechanical signals into the networking world very quickly, and Network Rail is wholly, in my view, unequipped to deal with that transition.

"There's some very real possibilities with cybersecurity and we are not ready for that.”

Network Rail Scotland regional asset manager (signalling) Lynsey Hunter raised her concerns at an industry conference Network Rail Scotland regional asset manager (signalling) Lynsey Hunter raised her concerns at an industry conference
Network Rail Scotland regional asset manager (signalling) Lynsey Hunter raised her concerns at an industry conference | Lisa Ferguson/The Scotsman

Ms Hunter, regional asset manager (signalling) for Network Rail Scotland, who was addressing a question to Network Rail’s chief technology officer at the Unlocking Innovation conference, said: "I am really hoping that [Network Rail’s chief technology officer] Robert [Ampomah] is going to be able to tell me about the plans he has got to manage cyber security and to put us in a position where we've got the knowledge to be able to manage it, because right now, certainly within Scotland, we don't, as far as I can see."

Hide Ad
Hide Ad

Mr Ampomah replied: "We recognise that it is a threat, never mind the fictional [Nightsleeper], it's a reality. We only have to look at incidents like TfL suffered recently. That absolutely devastated a lot of our systems they use and they are only just getting back up and running.

"So cyber security is definitely a very big threat. Within Network Rail, we have a very - I'll touch wood as I say it - a relatively secure cybersecurity system.

"We do have lots of checks and balances - never say it's impenetrable, because nothing is. As part of that transition to digital, the understanding and regulation around cybersecurity is of paramount importance.

"It's a key part of what that design looks like. We are working, not just within Network Rail, but across Europe with partners, and also the supply chain, to provide us with an as-secure-as-can-be system to give us that assurance, because the threat grows probably faster than we can build bridges to block it.

Hide Ad
Hide Ad

"We are doing everything possible. The way the systems are being designed should give you some confidence in that at the heart of it is cybersecurity.

"We just have to make sure that as part of that build, we look at all interfaces associated with it to ensure that at every single stage of that build process we have got a secure system.”

However, Mr Ampomah added: "Sometimes we look at what we've got today and we think it's secure.”

Referring to technology used on the rail network including Scotland known as GSMR, or Global System for Mobile communications - Railway, Mr Ampomah said: "GSMR technology - it's not that secure, if I'm honest.

Hide Ad
Hide Ad

"It's a 2G system, which is very old. It probably wouldn't take a genius to work out how to get to it. The system we are moving into in the future is giving us lots of different levels of security."

UK Department for Transport director general for rail services Alex Hynes, a former managing director of Scotland's Railway, which comprises Network Rail Scotland and ScotRail, told the Commons transport committee: "Cyber risk is up there on our risk register, and the department works with the industry on managing those risks."

A Network Rail spokesperson told The Scotsman: "The critical systems that run our railway and keep it safe are very secure, due to their type of functionality, meaning that there is no connection to the outside digital world.

“As we continue to invest, upgrade and utilise more digital systems across our network, cyber security is at the heart of the design, as we learn lessons from railways across the globe.

Hide Ad
Hide Ad

“The events and storyline in Nightsleeper are purely fictional and bear no relation to real life. Our railway, while aided by computers, is actually controlled manually - by drivers in cabs and signallers in signal boxes.”

Several rural Scottish rail lines are still controlled using Victorian era mechanical signalsSeveral rural Scottish rail lines are still controlled using Victorian era mechanical signals
Several rural Scottish rail lines are still controlled using Victorian era mechanical signals | Lisa Ferguson/The Scotsman

Network Rail Scotland is devising a new signalling strategy that will set out how it plans to replace remaining mechanical signal boxes with digital controls.

While much of the rail network across the Central Belt is controlled by large signalling centres in Glasgow and Edinburgh, several rural lines are still operated using Victorian technology involving lineside semaphore signals rather than colour lights.

The signals are changed using large metal levers in signal boxes, where staff still communicate with those in neighbouring boxes by tapping out Morse Code-like “bell codes”.

Dare to be Honest
Follow us
©National World Publishing Ltd. All rights reserved.Cookie SettingsTerms and ConditionsPrivacy notice