Man arrested over hack that shut down rail station wi-fi

by · Mail Online

A man has been arrested over a Nightsleeper-style hack that shut down public wi-fi at some of Britain's biggest railway stations. 

The man is an employee of Global Reach Technology who provide some wi-fi services to Network Rail, British Transport Police said. 

He has been arrested on suspicion of offences under the Computer Misuse Act 1990 and offences under the Malicious Communications Act 1988. 

The cyber attack, which happened just after 5pm yesterday, saw the landing page being replaced with an 'Islamophobic' message that began 'We love you, Europe'.  

BTP said no personal data is known to have been affected.  

Manchester Piccadilly, Birmingham New Street, Glasgow Central, Liverpool Lime Street and ten stations in London were among the hubs affected by the incident.

Passengers look at their phones next to a wifi poster at London Bridge station

The ten London stations affected were Cannon Street, Charing Cross, Clapham Junction, Euston, King's Cross, Liverpool Street, London Bridge, Paddington, Victoria and Waterloo. 

Network Rail manages 20 stations across the network, with London St Pancras the only one that was not affected by the attack. 

The attack was compared to the BBC's new drama Nightsleeper which features a sleeper train travelling from Glasgow to London which is hacked and hijacked. 

Read More

'Nightsleeper-style' cyber attack hits passengers logging on to public wi-fi at 20 railway stations

Wi-fi at the stations is controlled by a third-party provider called Telent, which has revealed an 'unauthorised change' was made to the landing page by a 'legitimate administrator account' for Global Reach, the provider of the Wi-Fi landing page. 

Security experts told MailOnline today that the attack which happened yesterday was a 'stark reminder that public wi-fi can be a playground for cybercriminals', adding that 'unsecured public networks in busy areas are easy pickings for hackers'. 

Adrianus Warmenhoven, cybersecurity expert at NordVPN, said the National Rail hack 'highlights the need for heightened vigilance when using these services — which can be more vulnerable to cyber attacks'.

He added that the incident should 'act as a wake-up call for everyone to be more mindful of the risks associated with unsecured public networks'.

Experts advise people using public wi-fi to avoid using sensitive accounts such as online banking or shopping websites that require personal information.

A British Transport Police van outside of King's Cross station this morning after a cyber attack
The cyber attack has been compared to the BBC's new drama Nightsleeper, starring Joe Cole
London Waterloo station, pictured today, was also impacted by the cyber attack on wi-fi

Customers should also ensure they are connecting to the correct network, given that hackers have created fake hotspots with names similar to legitimate networks.

Read More

Police probe source of Nightsleeper-style hack that shut down rail station wi-fi

Mr Warmenhoven added: 'To fortify your online security further, make sure your device's software - or antivirus programs - are up to date.

'It's also wise to disable automatic connections to any available networks, to prevent your device from connecting to any malicious services which could put your security or personal information at risk.'

According to its website, Telent helps design, build, support and manage some of the UK's 'critical digital infrastructure', and its other customers include Openreach, Transport for London (TfL), National Highways, the Maritime and Coastguard Agency and the NHS.

A spokeswoman for Telent said earlier today: 'We are aware of the cyber security incident affecting the public Wi-Fi at Network Rail's managed stations and are investigating with Network Rail and other stakeholders. 

'We have been informed there is an ongoing investigation by the British Transport Police into this incident, so it would not be appropriate to comment further at this stage.'