Abstract

This started as a joke when a colleague shared an article about railways getting hacked. As an exercise in OSINT, I decided to try and find everything I could on the railways, for a laugh. From the interactions I’ve had, “It can’t happen to us because we’ve met compliance. That’s just the way things are!” is the way executives usually approach cybersecurity issues in this industry.

The things we wanted to find a definitive answer to were: A: Is it possible for a low-skilled attacker to gain remote access, via the public internet, to sensitive systems of the railways? B: If yes, what is the worst thing that an attacker could achieve using this access? C: Finally, how difficult is it to pull this off? Can we prove that a novice with a few hours could replicate our work?

What we uncovered was, interesting…