- Buy Microsoft Visio Professional or Microsoft Project Professional 2024 for just $80
- Get Microsoft Office Pro and Windows 11 Pro for 87% off with this bundle
- Buy or gift a Babbel subscription for 78% off to learn a new language - new low price
- Join BJ's Wholesale Club for just $20 right now to save on holiday shopping
- This $28 'magic arm' makes taking pictures so much easier (and it's only $20 for Black Friday)
Cybercriminals Hack UK Rail Network Wi-Fi
Several major UK train stations, including London Euston, Manchester Piccadilly and Liverpool Lime Street, have been targeted in a cyber-attack, in which Islamophobic messages have been displayed to passengers attempting to connect to public Wi-Fi.
In total, 19 railway stations managed by Network Rail have been impacted by the incident which began on September 25.
Details of the Attack
The hack redirected passengers to a webpage with offensive content referencing a past UK terror attack. The affected Wi-Fi system, operated by the telecommunications company Telent, was swiftly taken offline as investigations began.
Network Rail suspended the Wi-Fi service at all its stations nationwide while addressing the issue.
British Transport Police received reports of the attack around 5:00 pm on the day of the incident. They are now working closely with Network Rail and Telent to investigate the breach.
A spokesperson for the police assured the public that the investigation is moving forward “at pace.” Network Rail emphasized that the compromised Wi-Fi service is a third-party platform that does not collect users’ personal data.
Telent, on the other hand, clarified that the breach was carried out via an unauthorized change to the landing page through a legitimate administrator account.
As a precaution, they have halted all services provided by the landing page supplier, Global Reach, while verifying that no other customers were affected.
“The attack on the public Wi-Fi at UK railway stations shows how vulnerable our critical national infrastructure can be when third-party services aren’t properly secured. It’s worrying that a system like this, used daily by thousands of passengers, was compromised and used to display terroristic messages,” noted Jamie Moles, Senior Technical Manager at ExtraHop.
Implications for National Security
This latest incident follows a cyber-attack targeting Transport for London (TfL), which resulted in some online services being limited and customer data being breached.
Closed Door Security CEO William Wright commented that, given the latest incident involving Network Rail Wi-Fi follows so closely in the wake of the attack on TfL, it’s clear nation-state adversaries have set their sights on the UK and are determined to cause the country harm.
Read more on the TfL data breach: TfL Confirms Customer Data Breach, 17-Year-Old Suspect Arrested
Joseph Carson, Chief Security Scientist (CSS) & Advisory CISO at Delinea, added, “Yet again, malicious hackers have reminded us that significant infrastructure will remain vulnerable if organizations fail to assess cyber-risks and monitor access to critical systems. Identities and credentials are the most overlooked vulnerabilities that organizations have, but the knowledge is critical for detection and prevention. Today’s hack was a threat, we don’t know what tomorrow might bring and as a nation, we can’t afford to be unprepared.”
Wi-Fi services at the stations are expected to be restored by the weekend.
Image credit: Victor Moussa / Shutterstock.com