Scroll Top

Poland’s railway system disrupted through radio commands in possible cyber sabotage


Poland’s railway system, a critical component of transit infrastructure for NATO’s support of Ukraine, has faced an unprecedented disruption as mysterious saboteurs employed a seemingly simple but effective technique to halt over 20 trains across the country. While the incident has been described as a “cyberattack,” experts suggest it may not involve cyber methods at all. Instead, the perpetrators utilized radio commands to trigger the emergency stop function of the targeted trains.

The series of incidents occurred on August 25 and 26, impacting both freight and passenger trains. Polish media and the BBC have reported that the sabotage is believed to have been carried out in support of Russia. The perpetrators inserted elements of the Russian national anthem and portions of a speech by Russian President Vladimir Putin into the commands they sent to stop the trains.

Poland’s railway system has played a vital role in facilitating Western weapons and aid to Ukraine as part of NATO’s efforts to strengthen Ukraine’s defenses against Russia’s aggression. While Polish intelligence services are investigating the incidents, suspicions point towards a larger geopolitical context.

Despite the railway sabotage being described as a “cyberattack,” independent cybersecurity researcher Lukasz Olejnik has shed light on the mechanics of the attack. Contrary to sophisticated cyber techniques seen in previous Russian attacks on Ukraine, this disruption seems to involve a basic radio-stop command. Olejnik explains that the Polish train system uses a radio frequency-based communication system for these commands, which lack encryption or authentication. This flaw allowed the saboteurs to use off-the-shelf radio equipment costing as little as $30 to broadcast the command and trigger the emergency stop function on targeted trains.

Olejnik emphasizes that the simplicity of the attack should not be underestimated, as it only requires the sender to be in proximity to the target train, presenting a relatively low-cost and low-tech method of disruption. While Poland has plans to upgrade its railway systems to use more secure GSM cellular radios by 2025, until then, the current VHF 150 MHz system remains susceptible to such radio-stop commands.

The incident underscores the vulnerability of critical infrastructure to relatively simple attacks, especially in situations where encryption and authentication are lacking. As Poland investigates the disruption, questions about the extent of Russia’s involvement and the broader implications for international relations continue to arise.

Related Posts

Leave a comment

You must be logged in to post a comment.
Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.