Wi-fi hack at train stations displays message about terror attacks

Cybersecurity
Share
BBC drama Nightsleeper centred around the hacking of an overnight train from Glasgow to London. Image: BBC

A ‘Nightsleeper-style’ cyber attack has hit 20 railway stations across the UK with passengers logging onto public wi-fi met with a screen about terror attacks.

Network Rail confirmed that the wi-fi systems at stations including London Euston, Manchester Piccadilly, Liverpool Lime Street, Birmingham New Street, Edinburgh Waverley and Glasgow Central were affected.

People reported logging on to the wi-fi at the stations on Wednesday and being met with a screen about terror attacks in Europe.

A Network Rail spokesperson confirmed the wi-fi was still down and said: “We are currently dealing with a cyber security incident affecting the public wi-fi at Network Rail’s managed stations.”

Telent, the third party which provides the wi-fi for Network Rail, confirmed it was aware of the “security incident” and was “investigating with Network Rail and other stakeholders”.

Adrianus Warmenhoven, cybersecurity expert at NordVPN, comments: 

“Yesterday’s cyberattacks at some of the UK’s busiest train stations are a stark reminder that public Wi-Fi can be a playground for cybercriminals.

“Unsecured public networks in busy areas are easy pickings for hackers and the incident highlights the need for heightened vigilance when using these services — which can be more vulnerable to cyberattacks. 

“Our own research has found that Brits are among the most vulnerable in the world for public Wi-Fi attacks, as more than two-fifths are willing to use password-free services on their devices.”

Adds Chris Gilmour, CTO at Axians UK:

“The reported cyberattack on UK railway stations highlights several key points that need to be called out.

“The intent here seems to be to spread politically motivated disinformation, however, it could also be a distraction technique to enable sources to attack elsewhere with a much more subtle approach.

“This attack came via a third-party supplier. Ultimate responsibility therefore lies with National Rail and it is up to them to ensure that the appropriate security models with third-party suppliers are in place.

“It is important to stress that the public should not just blindly connect to free WiFi, but be more circumspect and use a ZTNA (Zero Trust Network Access) to mitigate nefarious intent.”

Chris Price
For latest tech stories go to TechDigest.tv