
Stay ahead of quantum threat to railway security

Posted: 17 July 2024

Benoît Leridon, Head of Transportation Business for Network Infrastructure at Nokia, discusses the critical importance of cybersecurity in digital railways and the looming threat posed by quantum computing.


Trains play such a critical role in how humans and goods are transported. In the past year, there were 1.6 billion passenger journeys across Great Britain, and in early 2024 alone, 17.1 million tonnes of freight were transported in the U.K. With so much at stake, any threat to the safety of train travel should raise alarm bells.


And those bells are ringing. Indeed, digitalisation – the very thing that is going to make rail transport more reliable, safe and on time – is also what can open railways to greater threats from malicious actors seeking to destabilise critical transportation systems.

Today, attackers could attempt to use sensitive in-flight operational or system login credentials to create havoc. They can also masquerade as legitimate users to alter commands with the aim of disrupting services or causing accidents, or launch Denial of Service (DoS) attacks to paralyse the traffic management systems (TMSs) – which would affect scheduling and safety.

The communications network plays a pivotal role as the first line of defence in thwarting such attacks with a zero-trust approach. But a new threat is looming.

On the horizon are powerful quantum computers, which future attackers could use to overcome existing railway network security approaches.

In this article, we will review the threat landscape of railway communications network cyber-security today and how quantum computing may alter that view, as well as offer a toolbox rail operators can draw from to evaluate solutions and ensure they build digital railways that are safe and secure well into the future.

What is a digital railway


Mainline, metro and freight railways already depend on very large amounts of data to ensure dependable, secure and on-time journeys for passengers and cargo each day. Many are seeking to make greater use of digital technologies and automation to transform their operations and keep pace with evolving customer demands.

That’s where digital technologies come in. Innovations like artificial intelligence (AI), Internet of Things (IoT) and digital twins are enabling railways to automate systems for train control, operational efficiency and monitoring, as well as to increase capacity and improve the passenger experience.

As they evolve from traditional operational technology (OT) systems to advanced cloud-based digital systems, their vulnerability grows. While cyber-security for individual elements is essential, comprehensive in-depth security is all too often an afterthought.

Growing cyber threats


With the digitalisation of railway operations, it’s natural that cyber-security issues are multiplying. With more complexity and inter-dependencies between systems as well as increased network points of presence, the number of ways that hackers can intrude increases. They often target the interstices between sub-systems, looking for the weakest links, frequently located within communications frameworks.

In fact, a cyber threat landscape report on the transport sector by the European Union Agency for Cybersecurity (ENISA), published in March 2023, shared that attacks on railways to date have almost exclusively targeted railway undertakings and infrastructure managers.

Most attackers have attempted to disrupt railway information technology (IT) services. As an example, hackers forced Danish State Railways’ train network to shut down significantly in November 2022 after breaching an IT subcontractor’s software testing environment. Likewise, in June 2023, an IT company fell victim to a ransomware attack, leading to the theft of operational data belonging to Swiss Federal Railways.

However, ENISA anticipates that groups will target railway OT systems in the foreseeable future – which would put safety- and mission-critical services at risk.


Three types of cyber threats

Cyber threats may take many different forms, but three types are most common.

Eavesdropping, common in IT-type intrusions, is when intruders collect sensitive data such as login and authentication data, operation commands and system control messages. These breaches in confidentiality might not be utilised immediately. Instead, they allow hostile groups to monitor activities, learn more about how the systems work and use the information for more devastating attacks at a future date.

The second is man-in-the-middle attacks. In these attacks, the integrity of the in-flight data is most often threatened, taking eavesdropping to the next level by both monitoring communications and modifying them. An August 2023 attack on the Polish national rail system would have done this, using an unencrypted link to issue a false order that stopped more than 20 trains. If the signalling system is compromised, there are potentially catastrophic risks such as generating conflicting interlocking (IXL) signals to force a head-on collision.

The third kind of attack is probably the most common these days: DoS, which impacts the availability of critical systems. In this type of attack, the perpetrator overwhelms targeted devices or systems with traffic disguised as legitimate traffic. The sheer volume overwhelms these systems, making them unable to execute essential tasks. Consequently, vital traffic management systems or edge servers used by an automation system can be taken off-line at critical junctures.

Encryption and the quantum threat

Now, with the advent of quantum computing, new kinds of security threats loom.

Traditional computers rely on electrical signals that can be in one of two states: on or off, expressed in ones and zeroes. These binary ones and zeroes drive everything from the earliest punch-card computers to today’s smart devices. However, there have been limits to their computational power.

Quantum computers operate on the principles of quantum mechanics, allowing for many states between on and off. They do not run on ones and zeroes; instead, they run on electrons and photons and are not limited to one state at a time. This allows them to perform tasks much faster than binary computers and to execute multiple processes at once, significantly increasing their capacity and speed.

Quantum computers can solve problems or break data encryptions in mere minutes that would have taken even the largest conventional supercomputers thousands of years to accomplish.

Modern approaches to encryption


Protecting the communications between sub-systems and the confidentiality, integrity and availability of critical systems requires data encryption. In these advanced digital systems, cryptography involves scrambling messages when sent and unscrambling them when received. Any intrusion that intercepts the data ‘in-flight’ renders it meaningless without access to the appropriate decoding scheme.

The idea behind coding and decoding schemes or algorithms is to make the mathematical challenge of breaking the code so computationally intense that the money and effort required is not worth the potential reward. The advent of quantum computing, unfortunately, may render ineffective many of today’s most popular public key encryption algorithms, such as Diffie-Hellman and Rivest-Shamir-Adleman (RSA).


Bad actors equipped with a cryptographically relevant quantum computer (CRQC) can decrypt today’s public key encryption schemes exponentially faster than even the most powerful classical (non-quantum) computers.

Even without access to a CRQC today, a threat actor can collect and store encrypted railway communications data and messages for decryption later when they have a CRQC. This practice, commonly known as harvest-now-decrypt-later (HNDL), underscores the urgency of undertaking quantum-safe measures as early as possible.

Ensuring in-depth defence


Given that the most vulnerable points of the entire railway system reside within the interstices and communications between sub-systems, it’s crucial to include robust communications network security in the holistic defence-in-depth security framework. Regulators mandate well-established standards for securing data transport as well as OT data flows, which must be adhered to. This is done through the numerous dense wavelength-division multiplexing (DWDM) switches, Ethernet switches and Internet Protocol (IP) and IP/Multi-Protocol Label Switching (IP/MPLS) routers.

With proper implementation of network measures, these networks can become zero trust – controlling who can access the network and the permissible commands should an unauthorised individual succeed in penetrating the network. However, this approach doesn’t protect against all attacks.

As we approach the era of quantum computing, it is essential for traffic encryption schemes to utilise a robust key distribution server and symmetric key encryption, such as advanced encryption standard (AES) with a session key at least 256 bits in length. Implementing AES-256 at the network transport layers will establish strong initial protection against quantum threats.
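The following is an added illustration, not code from the article or from Nokia: it shows symmetric protection of one control message with a 256-bit session key, refusing shorter keys and rejecting frames altered in flight. The GCM mode, the names `NewLinkCipher`, `Seal`, `Open` and `link-7`, the sample message, and the all-zero key standing in for one issued by a key distribution server are assumptions; real deployments apply this inside network-layer equipment rather than in application code.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// NewLinkCipher (hypothetical name) accepts only 256-bit session keys.
func NewLinkCipher(key []byte) (cipher.AEAD, error) {
	if len(key) != 32 {
		return nil, errors.New("session key must be 256 bits")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal returns nonce||ciphertext||tag; linkID is authenticated but not encrypted.
func Seal(aead cipher.AEAD, linkID, msg []byte) ([]byte, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, msg, linkID), nil
}

// Open fails if the frame or the linkID it was sealed for has been changed.
func Open(aead cipher.AEAD, linkID, frame []byte) ([]byte, error) {
	n := aead.NonceSize()
	if len(frame) < n {
		return nil, errors.New("frame too short")
	}
	return aead.Open(nil, frame[:n], frame[n:], linkID)
}

func main() {
	key := make([]byte, 32) // constructed all-zero key; a real one comes from the key server
	aead, _ := NewLinkCipher(key)
	frame, _ := Seal(aead, []byte("link-7"), []byte("SET SIGNAL S12 RED")) // constructed message
	frame[len(frame)-1] ^= 1 // simulate modification in flight
	_, err := Open(aead, []byte("link-7"), frame)
	fmt.Println("tampered frame rejected:", err != nil)
}
```
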

New post-quantum cryptography (PQC) algorithms designed for scalable use at the application layer will come later, providing additional protection for every network user. Implementing defence-in-depth requires adding layers of protection to combat this significant threat, establishing a quantum-safe communications network.

A complete security framework

Railway operators face a growing array of threats as they digitalise more of their OT systems and increase their reliance on communications across the mission-critical IP/MPLS and optical backbone. They require robust encryption measures capable of defending against quantum threats to prevent bad actors from eavesdropping on communications, executing advanced attacks such as command spoofing, or disrupting core TMSs with DoS assaults. With CRQCs on the horizon, railway operators must adopt quantum-safe protection to ensure that they can effectively stop quantum attacks.

While digitalisation will bring many rewards for both railways and their customers in efficiency and safety, the security of these new systems is a pressing concern. Ensuring the future security and progress of our railways requires railway operators to adopt a cautious, yet comprehensive approach, and quantum-safe encryption is an important part of the complete security framework.

Benoît Leridon is the Head of Transportation Business for Network Infrastructure at Nokia, where he is responsible for global business development targeting transportation verticals. Benoît has 25 years of telecom pre-sales background covering enterprise and carrier markets for data and voice solutions, and joined Alcatel-Lucent in 2010 after holding different pre-sales management positions in companies such as Wellfleet, Bay Networks and Nortel.