‘Cyber security incident’ hits wifi at Network Rail stations

26 September 2024, 11:04

Passengers milling about at London King's Cross
Network Rail hit by cyber attack. Picture: PA

Stations hit included Manchester Piccadilly, Birmingham New Street and 11 stations in London.

A cyber attack has hit public wifi at some of the biggest railway stations in the country.

Manchester Piccadilly, Birmingham New Street, Edinburgh Waverley, Glasgow Central and 10 stations in London have all been affected by the attack on Wednesday which saw passengers trying to log on seeing messages about terror attacks in Europe, according to reports.

The Manchester Evening News said the wifi webpage after the hack said, “We love you, Europe” and contained information about terror attacks.

Network Rail, which manages the stations, has suspended wifi services at stations across the country following what it described as a “cyber security incident”.

The only Network Rail-managed station not affected was St Pancras.

A Network Rail spokesperson said: “We are currently dealing with a cyber security incident affecting the public wifi at Network Rail’s managed stations.

“British Transport Police are investigating the incident.

“This service is provided via a third party and has been suspended while an investigation is under way.”

British Transport Police said: “We received reports at around 5.03pm yesterday (September 25) of a cyber attack displaying Islamophobic messaging on some Network Rail wifi services.

“We are working alongside Network Rail to investigate the incident at pace.”

Telent, the third-party firm which provides wifi for Network Rail, said it was also investigating the incident.

“We are aware of the cybersecurity incident affecting the public wifi at Network Rail’s managed stations and are investigating with Network Rail and other stakeholders,” a company spokesperson said.

“We have been informed there is an ongoing investigation by the British Transport Police into this incident, so it would not be appropriate to comment further at this stage.”

According to its website, Telent helps design, build, support and manage some of the UK’s “critical digital infrastructure”, and its other customers include Openreach, Transport for London (TfL), National Highways, the Maritime and Coastguard Agency and the NHS Ambulance Radio Programme.

It has not yet been confirmed if any of Telent’s other customers have been impacted by the incident.

Jake Moore, global cybersecurity adviser at Eset, said the incident appeared to be an attempt to draw attention to a lack of security, rather than a “genuine threat”.

“Cyber attacks often occur in stealth mode and attempt to carry out activities without anyone noticing anything until the real damage is complete,” he said.

“However, by defacing the wifi logon screen with a terror message suggests that the motive may simply be to test its general security rather than to pose a genuine threat – and in this case, via the weakest link in the supply chain and most likely via a phishing campaign.

“Financially motivated cyber criminals are out to find data they can either steal or sabotage with a ransom demand put in place.

“However, it seems nothing more has been demanded here other than more security in place following a separate attack on TfL earlier this month.”

– The stations affected are:
Birmingham New Street;
Bristol Temple Meads;
Edinburgh Waverley;
Glasgow Central;
Guildford;
Leeds;
Liverpool Lime Street;
London Bridge;
London Cannon Street;
London Charing Cross;
London Clapham Junction;
London Euston;
London King’s Cross;
London Liverpool Street;
London Paddington;
London Victoria;
London Waterloo;
Manchester Piccadilly;
Reading

By Press Association

More Technology News

See more More Technology News

A bin of seized knives. A new AI tool from the University of Surrey has been unveiled which could help police forces more quickly identify and trace knives.

New AI tool to identify knives could ‘transform’ policing of knife crime

Former executive chairman of Google Eric Schmidt

Former Google boss warns of ‘extreme risk’ from terrorists posed by AI

A laptop displaying a ‘Matrix’-style screensaver

MPs: Ministers must give protections to creative sector amid AI copyright fears

French President Emmanuel Macron addresses the audience in a closing speech at the Grand Palais during the Artificial Intelligence Action Summit in Paris

Refusal to sign AI declaration was ‘based on what’s best for British people’

Someone at a computer keyboard

Airbnb issues warning over holiday scams fuelled by AI and social media

An HSBC branch

HSBC online and mobile banking working again after service outage

HSBC on growth across the UK

HSBC hit by outage as users complain of being unable to log on

The summit in Paris (Michel Euler/AP)

UK did not sign AI communique over ‘opportunity and security’ concerns – No 10

Sky Glass Gen 2

Sky unveils second generation Sky Glass TV promising ‘better picture and sound’

Technology Stock

UK announces sanctions against Russian cyber crime network

Participants in the AI Action Summit pose for a group photo at the Grand Palais in Paris

UK appears not to have signed leaders’ declaration at AI summit

OpenAI CEO Sam Altman

Sam Altman reiterates OpenAI ‘not for sale’ after Elon Musk-led bid

A young girl uses the TikTok app on a smartphone.

Data of dead British children may have been deleted, TikTok boss says

Elon Musk

Elon Musk offers $97bn to buy ChatGPT-maker OpenAI

Alesha Dixon (Jordan Pettitt/PA)

Alesha Dixon working ‘super hard’ to stop children having phones

A quarter of those who have fallen victim say they blamed themselves (PA)

Almost half of children aged between eight and 17 ‘have been scammed online’