Cybersecurity Challenges for the European Railways

5 years ago Anastasios Arampatzis

The European Union Agency for Cybersecurity (ENISA) released its “Cybersecurity in Railways” report in November 2020 to raise awareness about the cybersecurity challenges facing Europe’s railways. The report identifies the sector’s current cybersecurity status and challenges, and proposes cybersecurity measures to combat these challenges and enhance the sector’s security posture. The report is based on data gathered over the last two years from the operators of essential rail services in 21 EU Member States.

The EU railway landscape

The railway sector is a critical infrastructure for the development of the European Union and its member states since it enables the transportation of goods and passengers within countries and across borders. The key entities for the provision of these services are:

  • The railway undertakings (RU), who are responsible for the transport of goods and passengers by rail.
  • The infrastructure managers (IM), who are responsible for the establishment, operation and maintenance of railway infrastructure including traffic management, command, control and signaling, station operation and train power supply.

Both entities, and the railway sector as a whole, are identified as Operators of Essential Services (OES) in the NIS Directive, and they must comply with the security requirements of the Directive. To establish and maintain compliance, railway entities must implement the cybersecurity measures defined by the NIS Directive Cooperation Group, which are grouped in four categories:

  • Governance and ecosystem – Information system security governance and risk management
  • Protection – identity and access management, physical security
  • Defense – Crisis management and business continuity
  • Resilience – Incident response and management, detection

The digital transformation of the railways, as in other sectors, presents new opportunities together with novel challenges. Consequently, cybersecurity is a key requirement to enable railways to deploy and exploit the full extent of digital technology.

Cybersecurity challenges

While the railway sector strives to implement the required cybersecurity measures to defend against cyber-attacks exploiting vulnerabilities, it is met with various challenges that hinder its efforts. Overall, the ENISA report notes that “railway stakeholders must strike a balance between operational requirements, business competitiveness and cybersecurity, while the sector is undergoing digital transformation.”

The main cybersecurity challenges highlighted in the report are the following:

  • Low cybersecurity awareness. Staff awareness of the need for cybersecurity remains quite low. However, the report indicates that recent security incidents, such as the WannaCry and NotPetya attacks, have acted as warning bells to foster efforts to increase the level of awareness.
  • Conflicts between safety and cybersecurity requirements. For each security patch and update, safety teams need to ensure that safety mechanisms remain intact. This requires extra time and money. Additionally, the report highlights that it appears to be difficult to deal simultaneously with safety and security requirements, which sometimes overlap or contradict each other.
  • Digital transformation of critical services. Most railway companies are undergoing digital transformation, and a wide range of IT and connected IoT devices are being introduced. However, these components are not properly procured, identified and managed, creating new vulnerabilities and expanding the threat landscape.
  • Supply chain risks. Railway entities are heavily reliant on a wide variety of third-party suppliers and providers for system updates, patch management and lifecycle management. This can increase the challenge of standardization and the ability to define and implement baseline cybersecurity measures for all systems. Moreover, third-party suppliers are not covered by the provisions of the NIS Directive, so they have less stringent statutory requirements for applying cybersecurity.
  • Legacy systems. IMs and RUs manage many legacy or obsolete systems – with lifecycles calculated in decades. These are difficult or even impossible to upgrade to implement cybersecurity measures. Legacy OT requires procedures, policies and human intervention for patches and updates to ensure an adequate security level.
  • Cybersecurity requirements complexity. Railway entities need to comply both with the NIS Directive and national security requirements, making compliance a time-consuming and resource-intensive effort. This complexity also highlights the need for harmonization of cybersecurity requirements across all EU members and for the development of a railway-specific NIS profile.

Level of NIS compliance

The ENISA report provides the status of cybersecurity measures implementation across the sector. The findings indicate that entities have different levels of NIS compliance depending on their cybersecurity maturity, digital skills, size, business challenges, suppliers and the resources allocated to cybersecurity.

  • Governance, risk management and ecosystem management measures are implemented by 47% of the railway companies, with several reporting that they are currently launching organization-wide cybersecurity programs.
  • Protection measures are implemented by 53% of the organizations. Basic cybersecurity, such as access control or system segregation, seems to be already well implemented and under control. However, the security measures that require higher technical expertise, such as cryptographic controls or cybersecurity controls on industrial control systems (ICS), are implemented at a lower rate.
  • Security measures regarding defense are implemented by 52% of the sector entities. Security measures that require less technical expertise, e.g., communications with competent authorities and CSIRTs or incident reporting, appear to be well-implemented and under control.
  • Resilience measures are implemented by 57% of the companies. Although managing crises and incidents is part of the daily business in the railway sector, the established processes for crisis and business continuity management need to be adapted to cover cybersecurity incidents.

Conclusion

The ENISA report on the status of cybersecurity in the European railways provides essential insight for both the railway organizations and the policy bodies in the EU. European authorities should take steps forward to address the challenges highlighted in the report to strengthen the cybersecurity posture of the railway sector. Such steps should include policy standardization and harmonization as well as building a cybersecurity mindset and culture.


Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.

The post “Cybersecurity Challenges for the European Railways” appeared first on TripWire

Source: TripWire – Anastasios Arampatzis
