Polish railway cyberattack

Cybercrime operation and malware strain

The Polish railway cyberattack is a series of suspected sabotage attempts in August 2023 aimed at the Polish State Railways.

Method

The "radio stop" command system has a vulnerability - when a certain three tonal signal is transmitted through the railway radio network, trains stop automatically.^[1]

Events

Friday 25 August

At 9:23 on two sections of line near Szczecin a stop signal was broadcast by an unknown person.^[1] It affected more than 20 trains and freight traffic was stopped as a precaution.^[1] Services were restored within hours.^[2]

Saturday 26 August

Around 6pm near Gdynia a second incident took place - a freight train was also affected later that evening.^[1]

Sunday 27 August

Trains near Białystok were affected by fake stop signals.^[1] Five passenger trains and one freight train were stopped.^[3] Two men were arrested in connection with the disruption near Białystok.^[3] One suspect is a police officer.^[3] Prosecutors opened an investigation.^[3]

Monday 28 August

Police in Białystok announced they had begun a dismissal procedure against the officer arrested on Sunday.^[3] Sixteen people have been arrested as suspects in spying for Russia.^[3]

Investigation

The disruptions are being investigated both by police and intelligence organisations, including the Internal Security Agency.^[3]

Some of the disruptive signals included the Russian anthem and part of a speech by Vladimir Putin.^[2]

References

^ ^a ^b ^c ^d ^e Morris, Loveday (2023-08-28). "Poland investigates train mishaps for possible Russian connection". The Washington Post. Retrieved 2023-08-30.
^ ^a ^b "Poland investigates cyber-attack on rail network". BBC News. 2023-08-27. Retrieved 2023-08-30.
^ ^a ^b ^c ^d ^e ^f ^g "Poland is investigating disruptions to train traffic from unauthorized radio signals". Associated Press. 2023-08-28.

Hacking in the 2020s

← 2010s

Timeline

2030s →

Major incidents

2020	BlueLeaks Twitter account hijacking European Medicines Agency data breach Nintendo data leak United States federal government data breach EasyJet data breach Vastaamo data breach
2021	Microsoft Exchange Server breach Ivanti Pulse Connect Secure data breach Colonial Pipeline ransomware attack Health Service Executive ransomware attack Waikato District Health Board ransomware attack JBS S.A. ransomware attack Kaseya VSA ransomware attack Transnet ransomware attack Epik data breach FBI email hack National Rifle Association ransomware attack Banco de Oro hack
2022	Ukraine cyberattacks Red Cross data breach Anonymous and the Russian invasion of Ukraine Viasat hack DDoS attacks on Romania Costa Rican ransomware attack LastPass vault theft Shanghai police database leak Grand Theft Auto VI content leak
2023	Munster Technological University ransomware attack Evide data breach MOVEit data breach Insomniac Games data breach Polish railway cyberattack British Library cyberattack
2024	XZ Utils backdoor