A cyber attack has affected public wifi services at several of the largest railway stations in the UK, including Manchester Piccadilly, Birmingham New Street, and 11 stations in London. Passengers attempting to log on were shown messages related to terror attacks in Europe. Network Rail, which manages the stations, responded by suspending wifi services across its network as a precaution. St Pancras station was the only Network Rail-managed site that was not impacted by the attack.
British Transport Police are leading the investigation into the cyber attack, which took place on Wednesday (25 September). The wifi services, provided by a third-party company called Telent, have been suspended while authorities work to determine the extent of the breach. Telent, which manages critical infrastructure across the UK, including for Transport for London (TfL) and the NHS, is also conducting its investigation into the incident. So far, it has not been confirmed whether other Telent clients were affected.
Experts suggest that the motive behind the attack may not have been to cause significant damage but rather to highlight security vulnerabilities. Jake Moore, a global cybersecurity adviser at Eset, commented that the nature of the messages displayed suggests an attempt to test the security of the system, possibly through a phishing campaign. He added that many cyber attacks are carried out without drawing attention, making this incident unusual in its visibility.
The attackers have made no demands, and whether the attack was financially motivated remains unclear. Moore indicated that cybercriminals typically seek to steal data or demand ransom. Still, this case appears to have focused more on exploiting weaknesses in the system’s security, which follows a similar attack on TfL earlier in the month. The investigation is ongoing as authorities work to resolve the issue and restore services safely.
References
