DEKYAS NEWS World Breaking News and Trusted Source
Related Articles
Manchester Piccadilly, Birmingham New Street and 11 stations in London were all hit by the attack on Wednesday, with passengers trying to log in seeing messages about terrorist attacks in Europe, sources said.
Network Rail, which operates the stations, has suspended Wi-Fi services at stations across the country after what it described as a “cyber security incident”.
The only station managed by Network Rail that was not affected was St Pancras.
A Network Rail spokesperson said: “We are currently dealing with a cybersecurity incident affecting public Wi-Fi at Network Rail managed stations.
British Transport Police are investigating the incident.
“This service is provided through a third party and has been suspended while an investigation is ongoing.”
British Transport Police said: “We received reports of a cyber attack yesterday (25 September) where Islamophobic messages were displayed on some Network Rail’s Wi-Fi services at around 5.03pm.
“We are working with Network Rail to investigate the incident promptly.”
Telent, the third-party company that provides Wi-Fi for Network Rail, said it is also investigating the incident.
“We are aware of the cybersecurity incident affecting public Wi-Fi at Network Rail-managed stations and are investigating this with Network Rail and other stakeholders,” a spokesperson for the company said.
“We have been informed that British Transport Police are conducting an investigation into this incident so it is not appropriate to comment further at this stage.”
According to its website, Telent helps design, build, support and manage some of the UK’s “critical digital infrastructure.” Other customers include Openreach, Transport for London (TfL), National Highways, the Maritime and Coastguard Agency and the NHS Ambulance Radio Programme.
It has not yet been confirmed whether other Telent customers have been affected by the incident.
Jake Moore, global cybersecurity advisor at Eset, said the incident appeared to be an attempt to draw attention to a lack of security, rather than a “real threat”.
“Cyberattacks often occur in stealth mode, attempting to carry out activities without anyone noticing until the real damage is done,” he said.
READ MORE: Assault arrest after late night incident at Bolton Interchange
‘It could be a child’: Dog warning after animal carcasses found
“However, by disfiguring the WiFi login screen with a terror message, it suggests that the motive may simply be to test general security rather than pose a genuine threat – and in this case via the weakest link in the supply chain and most likely via a phishing campaign.
“Cybercriminals with financial motives are out to find data that they can steal or sabotage by demanding ransom.
“However, it appears that nothing more than increased security has been requested here following a separate attack on TfL earlier this month.”
