Hackers can remotely disable brakes on US trains. Say what!
What's the story
A serious security vulnerability has been identified in American trains, one that could allow hackers to remotely disable their brakes. The flaw was first discovered by independent researcher Neil Smith in 2012 and can be exploited through radio frequencies. The US Cybersecurity and Infrastructure Security Agency (CISA) has confirmed the risk, which the railroad industry has known about for over a decade but only recently started addressing.
Information accessibility
Exploit could be generated using AI
Smith emphasized that all the information required to create this exploit is already available on the internet. He even suggested that artificial intelligence (AI) could be used to generate it. He also clarified that this vulnerability can't be exploited over the internet from another country. However, some physical proximity to the train will be required for successful exploitation of its signal reception.
Industry response
Vulnerability known for over a decade
Despite being aware of this vulnerability for more than a decade, the railroad industry has only recently started taking steps to fix it. This delayed response highlights potential lapses in the industry's cybersecurity protocols and risk management strategies. The CISA's confirmation of the risk further underscores the critical need for immediate action to secure American trains against such remote hacking threats.