Hacker scandal involving Newag trains

Newag refutes information from SPS Aso Mieczkowski and the hacker group Dragon Sector, claiming that they intentionally blocked their trains, reports the railway transport news portal Railway Supply, citing ‘Rynek Kolejowy.’

In its statement, Newag asserts baseless and unauthorized defamation spread against the company. “Rynek Kolejowy” was the first to report on the incident that occurred last year, with Onet and Zaufana Trzecia Strona publishing new data on this situation.

Ukrainian Members of Parliament are concerned about the inefficient use of grain wagons by Ukrainian Railways

In June 2022, “Rynek Kolejowy” reported on mysterious malfunctions of Newag Impuls 45WE Koleje Dolnośląskie trains. Four units, after being repaired to level P3-2 by SPS ASO Mieczkowski, failed to start. This posed a serious problem for the carrier and passengers. It was soon discovered that a similar issue arose in the West Pomeranian Voivodeship, where vehicles not yet sent for repairs began experiencing failures, making it challenging to blame the repair contractor for the malfunctions. In July, Newag commented on the matter, emphasizing that there was interference with the safety system of Impuls Kolej Dolnośląskie. The accusations against the manufacturer were rejected by the inspection contractor.

New conclusions, published by hackers

In August, Koleje Dolnośląskie trains resumed operation, but the issue of responsibility, including financial accountability for the malfunction, remains unresolved. Reports indicated varying degrees of problems with Impuls trains for other railway carriers. The case has regained attention due to the efforts of the Dragon Sector hacker group, hired by SPS ASO Mieczkowski to address the issue. On Tuesday, December 5, they announced their findings at the specialized conference “Oh My H@ck,” as reported by Onet and Zaufana Trzecia Strona.

“Our analysis for SPS Mieczkowski lasted for two months. During this time, we managed to unlock the trains. Today, we are confident that it was a deliberate action by Newag. We discovered the manufacturer’s interference in the software, leading to forced failures and trains not starting. When the news spread in the industry that SPS had someone who found a solution to these problems, we began receiving orders from other Polish railway companies for Impuls trains. A total of ten entities were served with inspection orders to investigate the causes of faults in 29 vehicles, including companies such as PolRegio, Koleje Mazowieckie, Warszawska Kolej Dojazdowa, and SKM,” said Michal Kovalchik, a member of Dragon Sector, as reported by Onet.

“Firstly, someone at Newag introduced logic into the software that if a train is idle for more than ten days, it won’t move. Perhaps someone thought that if a train is stationary, it must be checked by some service. However, these trains were also parked in the Lower Silesian Railway sheds. Someone at Newag rightly thought that this undermines the narrative of SPS’s incompetence, so they introduced their own ‘innovation.’ In the subsequent vehicles, we found that they had an additional ‘safety’ measure: they were given a rule that they wouldn’t move if parked in specific locations in Poland, including SPS service center and other similar centers in the industry. They even included one of the still under-construction SPS centers,” added Michal Kovalchik, as reported by Onet.

In an article on the Zaufana Trzecia Strona website, more technical details are provided. This includes triggering train lockouts when a component with a verified serial number was replaced. There was also a discovered method to lift the lockout – it didn’t require setting flags at the computer memory level but involved a specific sequence of button presses in the cabin and on the onboard computer screen. When information about the successful start of Impuls trains reached the media, the trains received a software update eliminating this repair possibility.

In another train, a code was found that would command it to “break down” after a million kilometers.

Surprises were not only hidden in the computer software. In one depot, researchers found a device labeled as “UDP<->CAN converter,” presumably allowing remote communication with the train. Analysis revealed that the onboard computer sent information about the lockout status to the device, which was connected to a GSM modem.

SPS ASO Mieczkowski hopes for a peaceful resolution.

Rynek Kolejowy requested SPS ASO Mieczkowski to comment on the new articles.

“Our position aligns with the Dragon Sector’s stance, as outlined in the article, including on the Onet.pl platform. We hope that the provided information will contribute to a peaceful resolution of disputes with Koleje Dolnośląskie. We confirm that the issue of Impuls locomotive breakdowns has been handed over for clarification to the relevant authorities. We await further developments during the current proceedings,” stated Rynek Kolejowy by Serwis Pojazdów Szynowych Sp. z o. o. Sp. K.

Newag: This is baseless defamation spread about us:

“Our software is clean. We do not, did not, and will not introduce any solutions into the software of our trains leading to intentional failures. These are defamatory claims from our competitors conducting an illegal smear campaign against us. In a statement sent to the Rynek Kolejowy editorial office, NEWAG vehemently denies the manipulation of information by Onet and its interlocutors, representatives of the hacker group hired by the company SPS Mieczkowski.

The first subway line was put into operation in the capital of Ecuador

It is untrue that we created faults in our trains to secure repair orders. This is slander. The company servicing the rolling stock of Lower Silesian Railways could not fulfill the service order for our trains and, to avoid contractual sanctions, created this conspiracy theory for the media.

We learned from Onet that they hired hackers to create a report accusing us of it,” said Zbigniew Konieczek, President of NEWAG SA.

“We have not seen this document; we do not know how it was created, what methodology was adopted to base unfounded allegations against NEWAG. Additionally, no evidence has been provided that our company intentionally installed faulty software.

In our opinion, the truth may be quite different – for example, that competition interfered with the software. We reported this to the relevant authorities. This is not the first time we have informed law enforcement that our software has been altered without our permission. We publicly informed about this in 2022.

Therefore, it is strange that Janusz Cieszynski, former Minister of Digital Affairs, speaks of ongoing investigations contributing to the spread of false and very harmful information about NEWAG and does not add that they were initiated based on our reports,” Konieczek added.

Previously, this issue was commented on by Newag’s main shareholder, Zbigniew Jakubas.

“Onet’s publication is unreliable, misleading, and violates not only the rights of Newag and my personal rights but also manipulates the stock quotes of Newag SA. All state authorities and services should deal with this issue,” he told Business Insider Polska.

On December 6, after the stock exchange opened, Newag’s shares plummeted by a whopping 17 percent but later stabilized at -8%.

Photo: Newag

Rail business, industry, and railway technology news from Railway Supply that you might have missed:

Deutsche Bahn presented a video of the digital twin of the railway

Find the latest news of the railway industry in Eastern Europe, the former Soviet Union and the rest of the world on our page on Facebook, Twitter, LinkedIn, read Railway Supply magazine online.

Place your ads on webportal and in Railway Supply magazine. Detailed information is in Railway Supply media kit