Is cybercrime the pandemic for rail in 2022?

A German logistics company is still counting the cost of a breach of its digital archives earlier this month. The knock-on effects for customers and reputation are only just being counted. With the very nature of the industry involving multiple partners, multiple handling and multiple points of inspection, is the rail freight industry facing a new threat in the new year?

Despite efforts and resources being mounted in a worldwide fight against a rising tide of online crime, the perception is that the waters are rising faster than the defences are being built. Could 2022 be the year where the life rafts are overwhelmed, and sailing through the stormy waters turns into something more akin to a desperate bailout.

Click to collaborate and eradicate

July this year saw online systems at South African ports stutter to a halt, closely followed by intermodal traffic, vital to the national economy. First Durban, then Cape Town, then elsewhere around the coast. “It’s the whole bang shoot: the ports, the rail network, everything. Nothing is operating at the moment” was a much syndicated and panicked quote.

Durban Port, the busiest intermodal terminal in Africa, was brought to a standstill by a cyber attack earlier in 2021. The criminals responsible have yet to be apprehended, but doubtless, there’s a nice cold reefer waiting for them on the quayside. Image from WikiCommons

In September, the association of Europe’s rail supply companies, known as Union des Industries Ferroviaires Européennes or UNIFE, issued their most recent paper on the subject, calling for full cooperation in the European cybersecurity arena and a collaborative approach between rail stakeholders. UNIFE seeks collaboration over online standardisation, research and innovation, and cyber-threats intelligence sharing.

Stay vigilant to stay on track

The rail sector faces a complex regulatory framework that requires a deep understanding of all operational cybersecurity-related processes, says UNIFE. “Digitalisation has transformed rail transport, notably from the operational, infrastructural, and mass-transit perspectives”, says their paper. “It has also furthered the potential for interoperability. Therefore, implementing cybersecurity requirements is fundamental for the sector’s digital enhancement and security.”

Meanwhile, could a UK operation be brought to a standstill by criminals with nefarious keyboard skills? Not if the National Cyber Security Centre has anything to do with it. The NCSC has published a new National Cyber Strategy, which builds on the significant progress made over the last five years. “This means more diversity in the workforce, levelling up the cyber sector across all UK regions, expanding offensive and defensive cyber capabilities and prioritising cyber security in the workplace, boardrooms and digital supply chains”, claims the report.

Making sure UK rail freight interests stay on the line and criminal actors stay offline may not entirely be down to state-sponsored oversight, but it’s incumbent on all partners to be vigilant and avoid a Durban in 2022.

Author: Simon Walton

Simon Walton is RailFreight's UK correspondent.

Add your comment

characters remaining.

Log in through one of the following social media partners to comment.