US Railroad Industry's Outdate Radio Protocol Is Vulnerable

US railroad industry's outdate radio protocol is vulnerable

: Neil Smith has been trying to get the railroad industry to listen since 2012, but it took a CISA warning to get there

Cybersecurity agency issues warning about end-of-train device vulnerability

An end of train device is seen on the rear of a CSX intermodal train passing though Falmouth, Va. Spencer T. Whitman WASHINGTON — The federal cybersecurity agency issued an advisory last week regarding a vulnerability in end-of-train devices that could allow an attacker to gain control of a train’s air brake system. “Successful exploitation of this vulnerability could allow an attacker to send their own brake control commands to the end-of-train…

A software-defined radio can derail a US train by slamming the brakes on remotely

Neil Smith has been trying to get the railroad industry to listen since 2012, but it took a CISA warning to get there When independent security researcher Neil Smith reported a vulnerability in a comms standard used by trains to the US government in 2012, he most likely didn't expect it would take…

Major Railroad-signaling Vulnerability Could Lead To Train Disruptions - Cybernoz - Cybersecurity News

Listen to the article 4 min This audio is auto-generated. Please let us know if you have feedback. A newly disclosed vulnerability in train braking systems could let hackers remotely stop trains with relatively simple and inexpensive hardware, potentially causing derailments. The high-severity vulnerability, tracked as CVE-2025-1727, involves weak authentication in the protocol used to send what are known as end-of-train and head-of-train packe…

Security vulnerability on U.S. trains that let anyone activate the brakes on the rear car, was known for 13 years — operators refused to fix the issue until now

A security researcher discovered that the wireless RF communication between the first and last car of American trains isn't encrypted.