A Polish train manufactured by Newag broke down during maintenance, and the engineers were stumped as to why it wouldn’t run. Desperate for a solution, the Dragon Sector cybersecurity team was called in to investigate. They discovered unusual conditions written into the software code of the trains that were causing the malfunctions, including GPS coordinates that disabled the train if it spent too long in certain maintenance centers. The team successfully repaired the trains and uncovered surprising features in the software, such as the ability to undo a lockout and the intentional “breakdown” of a train after a certain distance. The case has raised questions about the manufacturer’s practices and the lack of action from regulatory authorities.
https://badcyber.com/dieselgate-but-for-trains-some-heavyweight-hardware-hacking/