One Lamb Almost Derailed 300 Tons of Steel Because He Could

I need you to understand something. I have been awake since yesterday. My third coffee is cold. I have seventeen open tickets. And I just read that a 23-year-old university student jammed a high-speed rail communication system and triggered emergency brakes on a live train.

A student.

Not a nation-state. Not a sophisticated wolf with a twelve-person crew and a government budget. A student. Presumably with homework due.

So here is what happened. Taiwan's High Speed Rail runs on something called TETRA, which is a digital radio protocol used for critical operational communications. Think of it as the nervous system that tells the train "hey, stop" or "hey, go." Our young aspiring chaos agent figured out he could flood that frequency with interference, which the safety system correctly interpreted as an emergency signal and responded to by applying the brakes. On a moving train. Full of passengers.

The train did exactly what it was designed to do. The system worked. The problem is that a 23-year-old with a radio transmitter should not have been able to have that conversation with it in the first place.

This is what keeps me up at night. Not sophisticated holes in the fence. Not elite coyotes with zero-days and nation-state backing. A kid with off-the-shelf hardware and apparently a lot of free time between lectures.

The Shepherds, naturally, will call a meeting about this. They will make a slide deck. They will nod gravely. Then they will ask why the quarterly budget for "radio frequency hardening" cannot come out of the coffee fund and move on.

TETRA has known vulnerabilities. Researchers published findings on this in 2023. The protocol is old. The authentication is weak. This was not a surprise to anyone paying attention, which, gesturing broadly at everything, is the problem.


Remediation

Look, I am tired, but here is what you actually do:

Encrypt your radio traffic. TETRA supports end-to-end encryption. Use it. Turning it off is not a "legacy compatibility" decision, it is a "please jam us" sign.

Monitor your RF environment. Unexpected signal flooding on operational frequencies should be an alert, not a post-incident discovery.

Segment and authenticate. Critical command signals need cryptographic verification. If your train brakes respond to anyone shouting loudly enough on the right frequency, you have a problem that predates this kid by years.

Apply the ointment. TETRA firmware updates exist. Dip your infrastructure in them.
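For the "Monitor your RF environment" item, here is a sketch of what the alert logic can look like. It is an added example, not code from the original report or any rail operator. The sample format (time, channel power in dBm, frames decoded, frames expected), the thresholds and the `on_alert` hook are all assumptions for illustration.

```python
from collections import deque
from statistics import median

def detect_flooding(samples, rise_db=15.0, min_decode=0.5, sustain=5,
                    baseline_len=20, on_alert=None):
    """Flag sustained high channel power with failing frame decode.

    samples: iterable of (t_seconds, power_dbm, frames_decoded, frames_expected),
    an assumed one-per-second feed from a monitoring receiver.
    Returns closed alert intervals as (start_t, end_t).
    """
    baseline = deque(maxlen=baseline_len)  # recent normal readings only
    alerts, run = [], []
    for t, power_dbm, decoded, expected in samples:
        # Assumes a continuously broadcasting channel, so expected > 0 in practice.
        ratio = decoded / expected if expected else 1.0
        floor = median(baseline) if baseline else power_dbm
        if power_dbm > floor + rise_db and ratio < min_decode:
            run.append(t)
            if len(run) == sustain and on_alert:
                on_alert(run[0], t)        # page while the event is still live
            continue
        if len(run) >= sustain:
            alerts.append((run[0], run[-1]))
        run = []
        baseline.append(power_dbm)         # suspicious samples never shift the baseline
    if len(run) >= sustain:
        alerts.append((run[0], run[-1]))
    return alerts

def constructed_samples():
    """Constructed readings, not captured data."""
    s = [(t, -82.0 + (t % 3) * 0.5, 10, 10) for t in range(30)]   # normal
    s.append((30, -55.0, 2, 10))                                  # 1 s burst: too short
    s += [(t, -81.5, 10, 10) for t in range(31, 40)]              # normal
    s += [(t, -50.0, 10, 10) for t in range(40, 46)]              # strong but decodable
    s += [(t, -48.0, 0, 10) for t in range(46, 58)]               # loud, nothing decodes
    s += [(t, -82.0, 10, 10) for t in range(58, 65)]              # recovery
    return s

if __name__ == "__main__":
    live = []
    print(detect_flooding(constructed_samples(), on_alert=lambda a, b: live.append((a, b))))
    print(live)
```

Pairing power with decode success is what keeps a strong legitimate transmitter from paging anyone, and excluding suspicious samples from the baseline stops a long-running flood from becoming the new normal.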

The hole in the fence was not new. Someone just finally tripped over it.

Drink water, patch your stuff, and maybe audit whatever ancient radio protocols are running your critical infrastructure before a bored sophomore does it for you.


Original Report: https://www.bleepingcomputer.com/news/security/student-hacked-taiwan-high-speed-rail-to-trigger-emergency-brakes/