Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security

Poland's Railways Halted by Radio Hack (gizmodo.com) 58

The Polish Railway's radio system was hacked on Friday and Saturday, bringing 20 freight and passenger trains to an unprecedented standstill. The hack, believed to be carried out by Russia, took advantage of a critical flaw in the railway's radio security system, with the issue reportedly restored within hours. From a report: An investigation into the cyberattack is underway, and the Polish Press Agency (PAP) reported that the radio signals sent to stop the trains were interspersed with a recording of Russia's national anthem and a speech by Russian President Vladimir Putin.

Poland is an important transportation hub that brings much-needed weapons supplied by Western countries and other aid to Ukraine amid the Russian invasion, and Senior Security Official Stanislaw Zaryn told PAP: "For the moment, we are ruling nothing out." He continued: "We know that for some months there have been attempts to destabilize the Polish state. Such attempts have been undertaken by the Russian Federation in conjunction with Belarus." Train services were reportedly restored within hours and the Polish State Railways said in a statement that "there is no threat to rail passengers" and the cyberattack only caused "difficulties in the running of trains."

This discussion has been archived. No new comments can be posted.

Poland's Railways Halted by Radio Hack

Comments Filter:
  • by tragedy ( 27079 ) on Monday August 28, 2023 @01:07PM (#63803730)

    One wonders just how much Russia can get away with before other nations actually do anything about it directly. They seem to be able to get away with numerous instances of outright murder and attempted murder in the territory of other nations. Is anyone going to say enough is enough at some point, or is it still just going to be appeasement?

    • You go girl!
      We're all behind you

      • Re: (Score:2, Interesting)

        by bookwormT3 ( 8067412 )

        Well in all fairness Russia has talked about their nuclear weapons in a rather aggressive way. And the supply of NLAWs, Javilins, Storm Shadows, and Stingers have devastated further offensive capability of the russian army. And as I understand it, cluster munitions are hurting russian defenses a fair bit.

        Unfortunately the shortsighted policies of the past have limited the current possibilities. Of note:
        -Although Ukraine & western allies seem to have taken good advantage of the 8 years (2014-2022) to ref

        • -Lastly, although the current US president was a strong supporter of Ukraine once the 2022 invasion happened, the weapons shipments actually started under his predecessor, and before that the president had been part of an administration that sent only nonlethal aid. (source: CNN fact checking)

          Got a link to your CNN fact check?

          • It's likely this one [cnn.com]. possibly together with this one [cnn.com]. The important trick to remember is that just because something started under a particular person, doesn't mean they started it. Trump was largely forced by congress to deliver aid.

            The record of past US presidents on Ukraine is pretty bad.

            Bill Clinton forced Ukraine to give up a bunch of weapons whilst accepting security assurances which weren't actually proper security guarantees

            Bush suggested NATO membership without either providing a clear timetable a

    • Yes, throughout eastern Europe only the Russian gov't has the capability to hack a radio system. That they played the Russian anthem and a Putin speech is proof!

      • I say it was done by Hunter’s laptop.

        • The FBI has had it for a few years so it wouldn't surprise me.

          • The FBI hacked Poland's trains in order to make Putin look bad? I think Putin does a fine job of that all by himself.

    • by ls671 ( 1122017 )

      Not sure Russia is stupid enough to leave a signature by playing "a recording of Russia's national anthem and a speech by Russian President Vladimir Putin" over the radio network but who knows? It reminds me of when Russia suppository blew up their own pipeline!

      • by ls671 ( 1122017 )

        suppository? stupid auto-correct, damn it! :)

      • It's possible (means and motive) that Poland execute both attacks, but more likely the first was orchestrated by some Joe to the West and the later by some Vo to the Southeast.

    • go to defcon 2!

    • by PPH ( 736903 )

      Yeah.

      Who the hell do they think they are? Mossad?

    • There are certain obvious problems in "doing anything about it directly" as long as they have nukes.

      • by tragedy ( 27079 )

        Not sure why. They would be insane to use nukes unless they were actually faced with total annihilation. Nukes are only good for mutually assured destruction when the other side has them as well.

    • Beware of false flag operations carried out in the name of our non-allies. Many people have war-interests. War would increase the money in many billionaire's pockets.

    • by Mal-2 ( 675116 )

      If blowing the Zaporizhzhia dam wasn't enough cause to backhand-slap Russia, this sure as fuck isn't going to be.

      • by tragedy ( 27079 )

        There's a difference between atrocities committed in other countries and atrocities committed in ones own country. I personally think that other nations should be helping Ukraine fight Russia directly, not simply providing support for the Ukrainians to do it themselves. However, the reasoning for why they don't is something about not escalating the conflict. Basically, countries don't want the war to come to their own shores. My point is, if it's going to come to your shores anyway, why bother with all this

        • by Mal-2 ( 675116 )

          Are you aware of the significant number of Poles that joined up with the Russian Volunteer Corps? Of course that could just be a case of Poland saying good riddance to its biggest Nazis (there's a reason they're joining RVK, not the Freedom of Russia League), but the Polish government doesn't seem inclined to do anything about them -- not that it should have to. But I wonder if they're not also being used to soft-launch the idea of sending Polish troops. I just don't think a one-day DDOS of their rail netwo

    • by tlhIngan ( 30335 )

      One wonders just how much Russia can get away with before other nations actually do anything about it directly. They seem to be able to get away with numerous instances of outright murder and attempted murder in the territory of other nations. Is anyone going to say enough is enough at some point, or is it still just going to be appeasement?

      Well, they're not being appeased. Putin can't leave Russia because the ICC already has a warrant for his arrest. If you didn't know, there was a BRICS conference in Sout

      • by tragedy ( 27079 )

        Well, they're not being appeased. Putin can't leave Russia because the ICC already has a warrant for his arrest. If you didn't know, there was a BRICS conference in South Africa, and everyone was wondering if Putin would actually attend. The problem is, South Africa is a signatory to the ICC so they would have to arrest Putin if he showed up. So of course, Putin could only attend virtually.

        Ukraine has to be circumspect about attacking Russia and is clearly facing pressure not to do so under threat of losing their foreign support. The theory for joining NATO is that it can happen after the war has ended and there is a negotiated settlement with Russia, but what reason would Russia ever have for a negotiated settlement even if Ukraine chases every last Russian soldier out of Ukrainian territory? Even then they can just keep bombarding Ukraine for as long as they feel like it. What Ukraine needs

    • by mjwx ( 966435 )

      One wonders just how much Russia can get away with before other nations actually do anything about it directly. They seem to be able to get away with numerous instances of outright murder and attempted murder in the territory of other nations. Is anyone going to say enough is enough at some point, or is it still just going to be appeasement?

      I think you have no idea what "appeasement" means.

      Appeasement will mean giving them Ukraine, then Georgia and Azerbaijan after that. The UK's foreign policy against Russia since 2014 was the opposite of appeasement. We couldn't do anything about Crimea, that's just the reality of the situation. Our response was to train and equip the Ukrainian forces to fight the Russians.

      Also there are fewer nations more opposed to appeasing Russia than Poland because a lot of Poles remember what it was like living u

      • by tragedy ( 27079 )

        I think you have no idea what "appeasement" means.

        I'm not sure how you can draw that conclusion. There have been many examples of politicians in the West wanting to appease Russia.

        ""We will have a peace to build tomorrow, let us never forget that," Macron said on Monday. "I mentioned this earlier. We will have to do this with Ukraine and Russia around the table. The end of the discussion and the negotiation will be set by Ukraine and Russia. But it will not be done in denial, nor in exclusion of each other, nor even in humiliation." - Emmanuel Macron

        "The

  • Train services were reportedly restored within hours and the Polish State Railways said in a statement that "there is no threat to rail passengers" and the cyberattack only caused "difficulties in the running of trains."

    "difficulties in the running of trains."? "there is no threat to rail passengers" ? You can say that as long as no trains ran into each other I guess...

    • by b0s0z0ku ( 752509 ) on Monday August 28, 2023 @01:42PM (#63803858)

      The "STOP" signals aren't encrypted (for obvious reasons). The "GO" signals are encrypted. The worst this hack will do is stop a train, causing the signalling system to detect a stopped/failed train within a stretch of track, sending the "STOP" signal to approaching trains. This isn't likely to cause a collision directly, unless train drivers are directed to disable safety systems to work around the hack.

      Also, fuck Putin!

    • by Anonymous Coward

      "difficulties in the running of trains."? "there is no threat to rail passengers" ? You can say that as long as no trains ran into each other I guess...

      Yes? That's why they said it.

      There was never a risk of trains running into each other.
      This is the signal sent from crossing sensors to indicate a blockage. It triggers the train to begin breaking far enough ahead so to be stopped before the blockage point (It takes time for a train to come to a full stop)

      Even under normal working conditions, standard procedure is to visually assess the blockage and if none found request permission to move again.
      This can be done by the conductor, but more typically by a ve

  • For a second I thought they were back in business.

  • in particular, the putin related stuff would be obvious misdirection.
    could be anyone doing this.

    • by tragedy ( 27079 ) on Monday August 28, 2023 @02:11PM (#63803980)

      Obvious misdirection can just as easily have another layer of misdirection on top of it: i.e. the attacker makes it "obvious" it was them so that people will say that it's too obvious and must be someone else. Trying to reason like that just leads to being poisoned with iocane powder. A better way to think about the question of who did it is probably to ask: who benefits?

      • A better way to think about the question of who did it is probably to ask: who benefits?

        Putin. Honestly this isn't some obvious misdirection here. Testing the limits of foreign government's infrastructures that you are likely going to war with is just plain good counterintelligence. And I remind you of all the western countries or NATO nations there's one that is moving military in preparation for potential conflict, Poland, in response to what is going on just over the border in Belarus.

        Not only is it likely Russia, looks like Russia, has the same m.o. as other Russian attacks, but would also

    • I'm waiting on the list of people who would benefit from disrupting Poland's trains.

      • by pacinpm ( 631330 )

        Poland's trains carry a lot of ammunition/tanks/military stuff for Ukraine. So the list begins with: Putin.

  • by smooth wombat ( 796938 ) on Monday August 28, 2023 @03:26PM (#63804216) Journal

    "Why must it be Russia? It could have been anyone!"

    Right. Because the vast quantities of western munitions flowing through Poland and into Ukraine to continue the devastation of the third strongest army in Ukraine* would in no way be hampered by a stoppage of Poland's rail system. Who else would possibly benefit by such a stoppage?

    * At this point the Ukrainian police are stronger than the Russian army inside Ukraine.

  • The radio-stop system is a simple and dated alarm system still in wide use in Polish Railway.

    This is more or less a VHF radio function to transmit a predefined sequence of tones on a given frequency. Something like a DCS code.
    Any train that is in the range of transmission and receive that sequence will initiate immediate breaking.

    If you are not a radio amateur, you can just buy old train VHF radio station that has that function build in After the recent incidents press reported that they are available

  • Aside from any radio comms going on, most railways have PLCs and cables running down the length of their lines that control things like sensors, junctions, signals etc. It is only in the last 3 or 4 years that security has been more than an afterthought to industrial control systems. So it's likely that any modern rail network is extremely vulnerable to low level or sophisticated attacks. Low level - find a box or a cable conduit by the side of the railway and just destroy it. High level - break into the ne

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (10) Sorry, but that's too useful.

Working...