British Railway Passengers Attacked

Wi-Fi networks at a number of train stations across the UK have been suspended after being hacked. British Transport Police are investigating after there was an attack on Wi-Fi networks at 19 stations across the country, which are run by Network Rail. 

Passengers logging onto the Wi-Fi saw a webpage containing details of Islamist terrorist incidents in the UK and abroad. So far, no personal data is known to have been affected. 

Now, a man has been arrested after passengers at many of the nation's busiest train stations were affected 

The police say the suspect is an employee of Global Reach Technology, which provides  Wi-Fi services to Network Rail. The man was arrested on suspicion of offences under the Computer Misuse Act 1990 and offences under the Malicious Communications Act 1988. 

  • Ten London Stations in were were affected: They are: Euston, Victoria, King’s Cross, London Bridge, Cannon Street, Charing Cross, Liverpool Street, Paddington, Clapham Junction and Waterloo.
  • Stations outside London affected include: Manchester Piccadilly, Birmingham New Street, Glasgow Central, Leeds City, Liverpool Lime Street, Bristol Temple Meads, Edinburgh Waverley, Reading, and Guildford.

This incident follows a recent attack on Transport for London which runs Bus, Underground, Overground and other public transport services in the capital. That exploit is understood to have potentially exposed the bank account details of about 5k train passengers, either via activity on their Oyster card account or refund data. This data includes account numbers and sort codes.

A 17-year-old male was arrested on September 5th on suspicion of Computer Misuse Act offences in relation to that attack. 

In coment, Kev Eley, Vice President UKI at Exabeam said “The cyberattack on Network Rail marks a major cybersecurity incident in the UK.. There are several layers to this incident that make it particularly concerning. Firstly, there is the sheer scale of the attack and the widespread disruption that comes with this... Beyond the disruption caused, the attack raises questions around the security of personal data used to access National Rail Wi-Fi services...

What makes this attack even more worrying is its potential to cause widespread panic due to the nature of the message displayed to passengers when they logged into the Wi-Fi.

Ultimately, this incident serves as an important reminder of the significant risk posed by third-party suppliers and why it is vital that this element of cybersecurity is not overlooked." Eley said

Standard   |   Independent   |   BBC   |   Guardian   |    Sky  |   Mail

Image: @networkrail

You Might Also Read: 

Attack On Transport For London Exposed Passenger Bank Details:


If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Will Hezbollah Launch Cyber Attacks On Israel?
The Key Issues For SME Cyber Security [extract] »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Bulletproof Cyber

Bulletproof Cyber

Bulletproof offer a range of security services, from penetration testing and vulnerability assessments to 24/7 security monitoring, and consultancy.

NetDiligence

NetDiligence

NetDiligence is a privately-held cyber risk assessment and data breach services company.

Ensurity Technologies

Ensurity Technologies

Ensurity is a deep-tech cybersecurity engineering company; designs and manufactures specialized secure hardware, software, and mobile application solutions.

Cyphra

Cyphra

Cyphra’s team provide cyber security consulting, technical and managed services expertise and experience to support your organisation.

Kontron

Kontron

Kontron offers a combined portfolio of secure hardware, middleware and services for Internet of Things (IoT) and Industry 4.0 applications.

SpecTrust

SpecTrust

SpecTrust provides an all-in-one defense solution for identity abuse & fraud, enabling your company's talent to stay focused on the core business.

SIA Group

SIA Group

SIA Group, an Indra company, combines Consulting, Systems Integration and Managed Services in four specialized business areas: Information Security, Storage, IT Management and IT Mobility.

LGMS - LE Global Services

LGMS - LE Global Services

LGMS is a leading cyber security penetration testing and assessment firm in the Asia Pacific region.

Ward Solutions

Ward Solutions

Ward Solutions are an information security consultancy and managed services company. We help organisations protect their brand, people, assets, intellectual property and profits.

Mosyle

Mosyle

Businesses and educational institutions rely on Mosyle to manage and secure their Apple devices and networks.

Ekco

Ekco

Ekco is one of Europe’s leading managed cloud providers. With a network of infrastructure and security specialists across Europe, we’ve perfected our approach to supporting digital transformation.

Brennan IT

Brennan IT

For over 25 years, Brennan’s expert team has helped businesses achieve real success through innovative and secure technology solutions.

Marlink

Marlink

Marlink smartly integrates hybrid, future-ready network solutions so you can benefit from the best available connectivity and IT to accelerate your digitalisation and empower your remote operations.

PixelQA

PixelQA

Are you looking for a security testing company to cross-check whether your software or mobile app has a possible security threat or not?

One Step Secure IT

One Step Secure IT

One Step provide Managed IT Services, Cybersecurity Protections, and Compliance to businesses in the USA nationwide.

StepSecurity

StepSecurity

StepSecurity provides a comprehensive security platform for GitHub Actions.