At a recent rail industry conference, Pen Test Partners researcher Ken Munro shared the results of his colleagues’ most recent pentesting efforts, that looked at hacking passenger train Wi-Fi.
Commenting on this, Natan Bandler, CEO and co-founder of Cy-oT said, “It’s quite easy to jump from a public network to a train and its ticketing systems. Any relatively useful tips that you give train operators in order to keep trains secure are good, but they’re not enough and it’s easy to make mistakes. It’s very hard to keep everything well maintained and segregated.
Having a public network on a train is great for attackers to use as an infection point, and as a way to infect many people. All an attacker needs is to make sure that everyone on the train connects to a specific public network, so even if it’s segregated from the internal systems of the train, it’s still being used as a way to infect each and every passenger on his or her way to Barclays Bank, JP Morgan, the Homeland Security office or any other potentially sensitive workplace. This is particularly easy, as so many people will be using the Wi-Fi network on the train because they have little to no 4G reception. Once connected to this public Wi-Fi, people are infected by tools that will do something malicious once they’re connected to their well protected corporate network in the office, and this is how malware will continue to be spread. This type of attack is a gold mine to hackers. So many people travel by train each day, so it’s easy for a hacker to infect many devices on a single train; and these devices will end up in organisations which hold sensitive data.
The same goes for any public network, such as those in coffee shops etc. Even if you believe that your enterprise wireless network is protected, it really isn’t because devices may have been infected off your premises and then later connected to your organisation’s wired corporate network. What is also important to remember is that it’s not only Smartphones and laptops that are being used and connected to your corporate network. When you add in other devices such as smart watches, wearables and health sensors, the attack surface increases significantly.
The fact is that wireless networks, whether public or private, are at risk. It’s very easy to use them to infect other devices that, in turn, will become a serious risk to any organisation. We see such attacks every day, where devices are being used to either stop the network operation of an organisation or to scan the network and infect devices, steal credentials and sensitive data to leak out of the organisation.”