Informa Australia is part of the Informa Connect Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 3099067.

Transport & Logistics

How can rail operators combat cyber threat?

25 Jul 2024, by Amy Sarcevic

In the wake of cyberattacks in Iran and Belarus, concern is growing around the security of Australian railways systems, which – amid the uptake of new technologies – are increasingly vulnerable to threat actors.

While rail signalling systems such as Communications-Based Train Control (CBTC) enhance safety and prevent collisions, their reliance on interconnection (between locomotives, wayside device and central offices) does pose a security risk.

On the other hand, older legacy systems are also vulnerable to malicious actors, given that they are easier to penetrate. These systems were designed before cyber security was a concern, and many run outdated software, or lack the security features and protocols of modern systems.

Add to that the rise of generative AI, which provides novice-friendly hacking scripts, and the rail industry cannot afford to get complacent about cyber security, says Alstom Australia and New Zealand Cybersecurity Manager, Gursimran Tiwana.

“Like most industries, rail is under increasing threat from cyberattack, but it is fair to say the risk to rail is heightened, given the age of its infrastructure, and the security challenges posed by upgrades and integration.

“Additionally, with rail, the consequences of an attack can be catastrophic, which makes them an appealing target for ransomware attacks,” he said ahead of the Connect Rail conference.

Indeed, statistics show that ransomware attacks are one of the greatest cyber security threats to the rail industry, accounting for around 40 percent of all recorded attacks.

Data also reveals how impactful these incidents can be. In 2023, organisations in critical infrastructure sectors, including rail, reported an average data breach cost $3.84 million, with more complex systems incurring damage of up to $5.28 million.

Mr Tiwana says these figures – and the strict regulatory requirements around cyber security in rail – are pressing challenges for the sector.

“It’s not just the added threat from malicious actors that rail operators need to be mindful of. It’s also the tight regulations they are bound by,” he said.

So, how should rail operators navigate this challenging security environment?

Balancing safety and security

Mr Tiwana says, despite the security concerns around modern systems, technology upgrades with adequate cyber security features are the best way to maintain safety and security in railway operations.

“The risk of cyberattack exists no matter which course of action you take – maintaining legacy systems, or upgrading. The benefit of modern systems is that they enhance physical safety – so operators would be very sensible to proceed with upgrades, but with a strong cyber strategy in place.”

As one of Australia’s leading consultancies, Alstom is well-placed to help rail asset owners and operators devise these strategies.

The company addresses risks throughout the cyber security lifecycle – from building a new line, to launching a new train variety, or upgrading a transportation system.

Some of its offerings include:

Risk analysis

Alstom undertakes risk analysis and help owners and operators understand where their vulnerabilities lie. It also assesses the likely impact of risks from internal systems, supply chains and external sources.

“This helps owners and operators invest wisely in their cyber security efforts,” Mr Tiwana said.

“Resources can only go so far, and with upgrades alone often incredibly costly, it is important to optimise cyber security spending.”

Cybersecurity enhancement

Alstom’s enhancement program ensures that legacy systems are at an acceptable risk level. It does this by taking into account operational constraints and the full lifecycle of assets.

“This is important, because obviously it is not possible to keep upgrading infrastructure every five years. Sometimes it’s necessary to focus on enhancing the infrastructure you already have,” Mr Tiwana said.

To enhance cyber security to the highest degree, Alstom has an assurance standard, internal and external auditing.

“We engage auditors to make sure that, once a product is released or is in production, that it will run in a secure way. This is one of our core principles.”

To add an additional layer, the company also adheres to the NIST standard, along with ISO 27001, which it uses to build its networks.

“This underpins our parametric security and administrative controls – i.e. the governance structures and protocols – to ensure we aren’t just built in a secure way, but also running securely.”

Consulting services

Alstom delivers complex security requirements across rolling stock, digital mobility, infrastructure and services projects globally. One of its key focus areas is regulation.

“In countries like Australia and New Zealand, the regulation surrounding cybersecurity is very strong and definitely something to keep front of mind when building a communication system.

“Fortunately, at Alstom, we have regulatory standards built into our processes to help operators remain compliant in all aspects of their cyber security strategy.”

Currently, Alstom caters for cybersecurity standards like IEC 62443, in addition to TS 50701.

“Alstom is IEC 62443 certified, ensuring a secure development of our solutions,” Mr Tiwana said.

Vulnerability watch

Alstom identifies and manages vulnerabilities in their products and systems, providing critical security alerts and actionable intelligence.

By incorporating these advanced technologies, Alstom significantly bolsters the cybersecurity defences of railway systems, ensuring safer and more resilient operations.

Sharing more details of this and its broader cyber security strategy, Mr Tiwana is among a host of Alstom representatives to join Connect Rail 2024, for which Alstom is the proud gold sponsor.

This year’s event will be held 5-6 August at the Sofitel Sydney Wentworth.
One ticket for Connect Rail 2024 provides delegates with access to three conference streams: Rail Decarbonisation, Rail Infrastructure, Rail Operations.

Register your tickets here.

About Gursimran Tiwana

Currently serving as Cybersecurity Manager for Australia and New Zealand at Alstom, Gursimran plays a pivotal role in safeguarding railway operations against evolving cyber threats.

Having collaborated with industry leaders such as Airbus, Air France, Virgin Australia, Den Norske Bank, and Credit Agricole, Sopra Steria, KPMG and CyberCX, Gursimran brings a wealth of expertise in implementing cybersecurity strategies tailored to high-stakes environments.

At Alstom, Gursimran focuses on enhancing cybersecurity awareness among customers in Australia and New Zealand, emphasising its pivotal role in securing railway systems, which are essential components of critical infrastructure.

Blog insights you may like

Get all the latest on Informa news and events

Informa Connect Australia is the nation's leading event organiser. Our events comprise of large scale exhibitions, industry conferences and highly specialised corporate training.

Find out more

Subscribe to Insights
SUBSCRIBE 

Join Our Newsletter
Informa Insights

Stay up-to-date with all the latest
updates, upcoming events & more.
close-link