A 23-year-old university student in Taiwan was arrested for interfering with the TETRA communication system used by the country’s high-speed railway network (THSR).
According to local media reports, the student halted four trains for 48 minutes on April 5 by using software-defined radio (SDR) communications and handheld radios to transmit a high-priority “General Alarm” signal, triggering emergency braking procedures.
THSR is a high-speed railway network in Taiwan that runs a single 350 km (217 miles) two-way line along the western coast of the country, with trains reaching speeds of up to 300 km/h (186 mph).
The annual ridership is 81.8 million passengers, making it a crucial service that also receives financial support from the state.
Before the attack, the student, who is referred to by his surname Lin, intercepted and decoded TETRA (Trans-European Trunked Radio) radio parameters using SDR equipment he bought online, and then programmed them into handheld radios to impersonate legitimate beacons.
The police also found that a 21-year-old accomplice provided Lin with some critical THSR parameters that enabled the attack.
Reports state that the system had been in use for 19 years and that its parameters were apparently not rotated during that time, allowing the hacker to bypass seven verification layers.
The incident has sparked criticism from some Taiwanese politicians, who called out the bodies responsible for negligence.
Following the incident, THSR examined the logs and found that the signal had been sent from a radio beacon that hadn’t been assigned for duty. Upon checking that the device was not missing, a plausible scenario was unauthorized cloning, and the police were alerted.
The police examined CCTV footage and TETRA network logs, which led them to the suspect’s residence, where they located and seized 11 handheld radios, an SDR, and a laptop.
Source: udn.com
Lin, who was arrested on April 28, is now facing charges under Article 184 of the Criminal Law, punishable by up to 10 years of imprisonment.
The hacker is currently out on NT$100,000 ($3,280) bail, while his lawyer claimed the transmission of the emergency signal on April 5 was accidental, an allegation the authorities find unconvincing.
AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming.
At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls hold, and closes the remediation loop.
