Remember Dieselgate, the scandal where certain diesel vehicles would detect an emissions test, and run cleaner for it, “cheating” the test? Traingate may just put that one into perspective. We’ll tell the story from the beginning, but buckle up for a wild and astonishing ride. It all starts with Polish trains getting a maintenance overhaul. These trains were built by Newag, who bid on the maintenance contract, but the contract was won by another company, SPS. This sort of overhaul involves breaking each train into its components, inspecting, lubricating, etc, and putting it all back together again. The first train went through this process, was fully reassembled, and then refused to move. After exhausting all of the conventional troubleshooting measures, SPS brought in the hackers.
Dragon Sector is a Polish research group, who gained some worldwide attention for work on Toshiba laptop BIOS security. And it turns out that these were the perfect group for the job. From cobbling together hardware to improving Ghidra’s support for Infineon TriCore architecture, there was a lot of work done to even get a toehold into the train’s systems. But finally they could do memory dumps, and compare the broken train with working ones. There was a set of configuration flags that seemed to hold the key. But this particular train was badly needed in service. So Newag, the original manufacturer, was finally contacted to complete the maintenance and get the train running again. Hackers are nothing, however, if not persistent. After pulling an all-nighter, and with literal minutes to spare, Dragon Sector was able to overwrite the memory of the broken train with a valid configuration, and it once again came ..
Support the originator by clicking the read the rest link below.
