Cyber Defense Advisors

When UK rail stations’ Wi-Fi was defaced by hackers the only casualty was the truth

Graham CLULEY

September 26, 2024

Promo Protect all your devices, without slowing them down. Free 30-day trial

If you believed some of the news headlines in the UK on Thursday, you would think that something much more serious had happened.

People are understandably worried when they read headlines about terror attacks and railway stations – but the facts of the matter are rather less disastrous.

Yes, it is true that the public Wi-Fi systems at 19 UK railways stations was hacked this week.

According to Network Rail, who operate most of the railway infrastructure in Great Britain, public Wi-Fi at the following stations was impacted:

Birmingham New StreetBristol Temple MeadsCharing CrossClapham JunctionEdinburgh WaverleyEustonGlasgow CentralGuildfordKing’s CrossLeedsLiverpool Lime StreetLiverpool StreetLondon BridgeLondon Cannon StreetManchester PiccadillyPaddingtonReadingVictoriaWaterloo

Rather than the normal welcome page, travellers connecting to the public Wi-Fi hotspots at the stations were instead greeted with a message referencing terror attacks including the bombing in 2017 at Manchester Arena after a concert by Ariana Grande.

I have no desire to share the full details of what travellers saw, so here is a redacted version of the webpage they saw on their phones when trying to connect to the hotspot.

And yes, the message did appear to be designed to ferment hatred against Muslims.

But this is not a “terrifying cyber attack,” as some British newspapers attempted to portray it.

It’s a fairly pedestrian cybersecurity breach, which – at worst – would have been a minor inconvenience for commuters trying to access their emails or TikTok on their journey into work.

As cyber attacks go, it’s more interesting for what it did not attempt to rather than what it did.

The hackers could have made a bogus login page and attempted to steal personal identifiable information and passwords. But they didn’t. The hackers could have attempted to dupe travellers into believing they had won a lottery or promoted a cryptocurrency scam. But they didn’t.

The hackers could even have displayed a fake payment page and attempted to grift a few pounds from commuters. But, again, they didn’t.

Instead, they defaced the equivalent of a webpage and posted some heartless hate speech. It’s the equivalent of scrawling some graffiti, or sticking a poster up on the side of a bus shelter in the middle of the night.

Of course, the people who manage the Wi-Fi at UK railways stations would be wise to review their security and ask themselves how their system was breached, but to all intents and purposes this was an insignificant hack which somehow managed to make significant headlines in the British media.

The truth is that some parts of the UK press found it irresistible to draw a link between the hotspot message being defaced and a BBC thriller being aired this week called “Nightsleeper”.

“Nightsleeper” tells the story of a sleeper train travelling from Glasgow to London, which is hacked and hijacked (or as they describe it in the TV show “hackjacked”)

Entertaining? Perhaps. Utter balderdash? Definitely!