Cybersecurity experts issued an urgent alert about a vulnerability in train brake systems that could allow attackers to send unauthorized commands, creating severe safety risks and operational disruptions for the rail industry. This is reported by the railway transport news portal Railway Supply.

The flaw lies in the radio protocol connecting End-of-Train and Head-of-Train devices, which uses weak authentication. Attackers could exploit this weakness to trigger emergency stops or overload braking systems, leading to dangerous failures.

Cybersecurity Alert on Train Brake Vulnerability
Photo: David Lustig

Researchers Neil Smith and Eric Reuter discovered this vulnerability years ago. Smith warned that attackers could manipulate brake controllers remotely using hardware under $500, potentially causing derailments or shutting down national railway operations.

Don’t miss…Services Cancelled and Delayed from Warrington After Signalling Fault

CISA confirmed no exploitation reports but urged operators to review security measures immediately. The agency advised rail companies to contact equipment suppliers for guidance on addressing these risks and securing EoT and HoT devices.

Cybersecurity Risks in Rail Operations

The Association of American Railroads acknowledged the issue and stated that new standards and technologies are in development to prevent such attacks. AAR works closely with CISA and DHS through Project Chariot to strengthen infrastructure security.

AAR emphasized that next-generation devices aim to provide secure communication between locomotives and trailing units. These improvements promise greater reliability, cyber resilience, and streamlined rail operations for future networks.

Cybersecurity and Legacy System Challenges

Industry experts stress that this flaw highlights the risks of aging systems. Anna Collard of KnowBe4 noted that digital layers combined with outdated technology can transform obscure weaknesses into critical threats requiring urgent attention.

Rail operators face increasing pressure to reinforce cybersecurity. While remote exploitation appears unlikely now, the advisory serves as a warning that ignoring legacy vulnerabilities could lead to catastrophic consequences without proactive defenses.

Source: www.railwaygazette.com

News on railway transport, industry, and railway technologies from Railway Supply that you might have missed:

Don’t miss…Amtrak celebrates milestone as Borealis route attracts thousands of travelers daily

Find the latest news of the railway industry in Eastern Europe, the former Soviet Union and the rest of the world on our page on Facebook, Twitter, LinkedIn, read Railway Supply magazine online.

Place your ads on webportal and in Railway Supply magazine. Detailed information is in Railway Supply media kit