Poland's Railways Halted by a Simple Radio Hack (gizmodo.com)
from FlyingSquid@lemmy.world to technology@lemmy.world on 28 Aug 2023 14:41
https://lemmy.world/post/4010387

And they do mean simple.

Radio stop commands in Poland can be conducted by anyone with just $30 in equipment to create commands using the correct radio frequency, Lukasz Olejnik, a cybersecurity researcher and consultant, told Wired. Hackers could have allegedly used simple tones that can be found in a European Union document, he said. The document says it lays out the “interoperability relating to the control-command and signaling substem of the trans-European high-speed rail system.”

But hackers wouldn’t necessarily need access to the document, according to Olejnik, who said the information is widely available online, particularly on YouTube. “It is three tonal messages sent consecutively. Once the radio equipment receives it, the locomotive goes to a halt.” He added: “Everybody could do this. Even teenagers trolling. The frequencies are known. The tones are known. The equipment is cheap.”

#technology

threaded - newest

Candelestine@lemmy.world on 28 Aug 2023 14:51 next collapse

That’s a trick you can only pull once, to create a temporary, but massive, snarl in Ukraine’s supply imports. If it was deployed now, “whoever” must be more worried about this counter-offensive than they let on.

Blamemeta@lemm.ee on 28 Aug 2023 15:19 collapse

It’s not even a hack. It’s like pulling the fire alarm.

lemann@lemmy.one on 28 Aug 2023 15:41 collapse

The problem with this is, you can pull the fire alarm from the outside of the building, wirelessly… potentially from a couple miles away if you juice up the transmission power.

I think it’ll get solved with time, like e2ee came for messaging apps, and https came for http

HarkMahlberg@kbin.social on 28 Aug 2023 16:23 next collapse

I wish it would come for spam callers spoofing random numbers...

VonReposti@feddit.dk on 28 Aug 2023 18:04 collapse

IIRC the protocols STIR and SHAKEN (yes, the authors tortured the English dictionary in order to come up with those abbreviations) would fix that. It should just be a matter of how long till it gets implemented worldwide.

jantin@lemmy.world on 28 Aug 2023 21:57 collapse

It is solved long ago, the tech exists and is quite common in a big part of Europe

But Poland didn’t implement it, still runs on 1990s tech and so every now and then a bored kid will shoot the radio-stop and stop a train or two for lulz. Now apparently FSB managed to pull together a team and coordinate several radio-stops, that’s why it was a problem.