No excuse for derailing station IT

Source: RTM April/May 2019

Marie Clutterbuck, CMO at Tectrade, discusses the rail sector’s IT vulnerabilities, particularly at stations, and outlines the benefits of zero-day recovery IT architecture.

Are you truly a commuter until you’ve reached a mainline station at 6pm on a muggy summer Friday evening and experienced the dreaded digital signage failure? Major stations – which are already an uncomfortable place to be when surrounded by thousands of irate commuters wanting to get home at the end of the week – are made even worse when nobody knows what is going on. Situations like this might be a boon to the pub around the corner, but for passengers and staff alike, these kinds of outages can cause all manner of nightmares.

With rail fares making Britain the second-most expensive rail network in Europe (us Brits pay 54p per mile), and costs rising by 36% since 2010 (2.6 times more than the increase in average earnings), operators are under an ever-increasing amount of pressure to ensure smooth and efficient service. However, with 14% of trains missing the industry measure of punctuality between mid-2017 and mid-2018, that is evidentially not being delivered. 

IT is obviously not responsible for all aspects of rail operations, but when it comes to the station itself almost all aspects are defined by interconnectivity. Some people may romanticise the clackety wooden panels and hand-punched tickets of yesteryear, but today’s technological innovations have undoubtedly improved the efficiency of station operations. From the ability to use smartphones as tickets to the digital departure boards informing passengers of platforms or delays, technology has radically changed the way that we travel for the better. However, there is a trade-off to this. While theoretically these systems will mean greater efficiency for the station, problems will emerge should the IT systems responsible suffer outages.

Causes of outages

Ransomware wrought havoc in 2017 and 2018 to businesses and consumers alike. The WannaCry cyber attack alone affected more than 200,000 victims and spread to over 150 countries. Ransomware, which takes computers and their data hostage with the demand of cryptocurrency, has the capability to grind operations to a halt. This was the case for the NHS, where at least 80 out of 236 hospital trusts in England, as well as 603 primary care and affiliate NHS organisations, suffered disruption in the highest-profile UK ransomware attack.

More relevant to the rail industry was the May 2017 attack on the German Deutsche Bahn (DB), which saw 450 computers infected with WannaCry. This brought down passenger information systems, ticket machines, and CCTV networks. The DB case is evidence that the rail industry was overly confident in its vulnerabilities, to ransomware in particular. Other transit system outages tell the same story: the San Francisco Mamba ransomware attack in 2016 which forced the city to allow passengers to ride for free; and a ransomware attack on Sacramento’s transit system which deleted an estimated 30 million files.

This is an issue affecting industries of all shapes and sizes, and a significant reason why is because attitudes and focus towards cybersecurity have not always been matched by those towards day-to-day IT. That is to say, the outlay in spend on exciting new applications has historically been a priority over that on operations protection and maintenance of existing investments. This is not necessarily malicious. Many people do not associate an Industrial Control System (ICS) environment with IT, and as such there is lack of awareness about cybersecurity’s criticality. Preventing ransomware at rail stations is as much about spending appropriately on cybersecurity as it is about raising awareness.

However, outages are not always caused by malicious actors. “It’s probably leaves on the tracks” is the catch-all line of thinking that many people use when it comes to unexplained delays. While leaves on the ground of a train station will not do much to alter service, uncontrollable natural forces can come into play to have a serious effect on IT infrastructure. Areas that experience sever weather are likely to suffer power and, consequently, network outages. The UK is seldom subject to the sort of weather conditions that cause blackouts, but accidents do happen. A burst pipe, or workers drilling through electrical or network cables, for example, could cause a power outage at a station for an indeterminate period of time. With these types of situations having the potential to cause significant issues, operators must consider the effect that the environment can play on their operations.

Unlike in an office where any outages, as costly as they might be to the business, ultimately won’t stop employees from going about their day-to-day lives, downtime at rail stations can have serious knock-on effects. Millions of people rely on trains daily, and while they might groan at the prospects of delays, it is cancellations that leave travellers – the customers – most disappointed. Tom Hanks might have had an interesting time in ‘The Terminal,’ but I don’t think thousands of commuters unable to get to and from work would be quite so accommodating. And, ultimately, it is the staff at the stations that will suffer as a result.

Arriving at the destination on time

In the event of a station going offline, operators need a way to get their system back online – and fast. But before they can do that, they must first understand the IT systems and data that are driving the ICS environment.

Shockingly, the majority of organisations that do not have a system fully-managed with external support see almost 25% of their nightly backups fail. Most businesses will have no idea what is in that lost or unavailable data. If that data was, for example, records of ticket purchases, you’d be forced to go back potentially 48 hours or more, depending on when that last backup failed.

With this in mind, operators need to perform disaster recovery testing on their data. Without testing in a controlled and simulated environment, it is impossible for IT and security teams to fully understand their system’s integrity. It’s exactly the same reason why we’re always told to regularly test fire alarms. You don’t want to discover your fire alarm doesn’t work when you most need it, just like how you don’t want to find out your disaster recovery system is ineffective in the event of an outage.

With this knowledge, station operators should look to a zero-day recovery architecture that allows them to priorities workloads and quickly bring them back online without paying a ransom or worrying about whether the workload is compromised. An evolution of the 3-2-1 backup rule (three copies of your data stored on two different media and one backup kept offsite), zero-day recovery enables an IT department to partner with the cyber team and create a set of policies which define the architecture for what they want to do with data backups being stored offsite, normally in the cloud. This policy could, for example, mean that a particular workload – such as ticketing machines – needs to be brought back into the system within 20 minutes, while another workload can wait a couple of days.

Whether it’s because of malware or a power surge, outages in 2019 are a question of when, not if. With a great deal of the infrastructure at a train station relying on IT, it is vital that operators look to a solution that can minimise outages to keep the station moving along and the rat race undisturbed.


There are no comments. Why not be the first?

Add your comment

rail technology magazine tv

more videos >

latest rail news

View all News

rail industry focus

Versatile coating system enhances Indestructible Paint rail industry role

12/08/2020Versatile coating system enhances Indestructible Paint rail industry role

A highly versatile and robust epoxy coating s... more >
Network Rail partners with Cycling UK for new initiative

03/08/2020Network Rail partners with Cycling UK for new initiative

Network Rail and Cycling UK have launched a p... more >

editor's comment

23/01/2018Out with the old...

Despite a few disappointing policy announcements, especially for the electrification aficionados amongst us, 2017 was, like Darren Caplan writes on page 20, a year generally marked by positive news for the rail industry. We polished off the iconic Ordsall Chord (p32), hit some solid milestones on Thameslink (p40), progressed on ambitious rolling stock orders (p16), and finally started moving forward on HS2 (p14) ‒ paving the way for a New Year with brand-new infrastructrure to... read more >

last word

Encouraging youngsters to be safe on the railway

Encouraging youngsters to be safe on the railway

This summer, Arriva Group's CrossCountry and the Scout Association joined to launch a new partnership to promote rail safety among young people. Chris Leech MBE, business community manager at the TOC, gives RTM an update on the innovative scheme. Recognising that young people are more likely to take a risk trespassing on railway tracks, C... more > more last word articles >

'the sleepers' daily blog

On the right track, Sulzer is awarded RISAS accreditation for Nottingham Service Centre

29/06/2020On the right track, Sulzer is awarded RISAS accreditation for Nottingham Service Centre

Following an independent audit, Sulzer’s Nottingham Service Centre has been accepted as part of the rail industry supplier approval scheme (RISAS). The accreditation reinforces the high-quality standards that are maintained by Sulzer’s network of independent repair facilities across the UK and further afield in its global network. ... more >
read more blog posts from 'the sleeper' >


Andrew Haines, CE of Network Rail, tells BBC News his organisation could issue future rail franchises

24/06/2019Andrew Haines, CE of Network Rail, tells BBC News his organisation could issue future rail franchises

Andrew Haines, the Chief Executive of Network Rail, has told the Today programme on Radio 4's BBC’s flagship news programme that he wo... more >
Advancing the rail industry with management degree apprenticeships

08/05/2019Advancing the rail industry with management degree apprenticeships

In answering the pressing questions of how current and future generations of managers can provide solutions to high-profile infrastructure projec... more >
Women in rail - is the industry on the right track?

12/03/2019Women in rail - is the industry on the right track?

RTM sits down with Samantha Smith, sole female member of the TransPennine Route Upgrade Alliance Leadership Team, to find out more about encourag... more >
TfN Strategic Transport Plan: not just for transport's sake

22/01/2019TfN Strategic Transport Plan: not just for transport's sake

Peter Molyneux, Transport for the North’s (TfN’s) strategic roads director, has been leading on the development of the seven economic... more >