Imagine: you’re on the tube and suddenly it stops dead. Not too unusual in London. But then the lights go out, and you’re plunged into darkness. The driver announces he has no information. You wait, getting more restless.
Then the driver gets the signal to go. But it’s not safe to go: there’s another train stopped ahead and there’s going to be a collision. How has this happened?
It’s because above ground, a hacker has taken control of the signalling systems. They threatened to cause chaos unless a large sum of money was paid to them.
This may sound like the plot of a badly written action movie, but according to Rotem Abeles, from technology company Cylus, it’s a very plausible situation.
“We’ve seen some examples in the past of attacks on rail systems,” he explained. “Some of them have just been scratching the surface, but we have also seen attacks in the safety critical systems themselves.
“And this is serious because we’re talking about attacks that can send unauthorised movement authority to trains, that can change a light on light signals from red to green. So, it’s things that are pretty serious.
“And the current safety mechanisms of rail were not designed to face intentional hacking. They were always designed for reliability. Rail is one of the industries with the highest reliability in the world, and they have a very good safety record.”
It was because of this specific threat, and a chance meeting with insurance broker DVA at a conference, that a partnership was born between Cylus, DVA and Hiscox. The companies came together to develop a new insurance product that rail companies could use to fight this new threat.
“There was a growing need from DVA’s customers for something like this,” Abeles said. “Cyber insurance is greenfield and companies are trying to move forward on this.
“In the context of rail, because we are talking about specialised risk, even the cyber security part of it is not generic cyber security that we know from other classic cyber security threats. And this is why we teamed up to use our technical expertise to complement their insurance and underwriting and brokerage expertise.”
The new product, called CyberClear, covers financial losses that occur due to any cyber-related incidents in the railway industry. This includes things like breakdowns, signal failures or operating software failures caused by hackers, or conventional cyber risks such as data loss and IT system breakdown.
In addition to covering the losses afterwards, the three companies are looking at risk management and using the new technology to help with identifying risks before they occur.
“We are helping them in both risk selection and loss prevention,” Abeles explained. “The technology is mostly around the loss prevention part, but there’s a step before that which is risk selection, which is leveraging our domain expertise in helping them evaluate the risk of the holder.”
“Cylus is specialised rail cybersecurity, and we specialise in the signalling and control networks which is where the safety logic of rail lies, it’s the crown jewel of rail operation. We have built a dedicated solution that can handle networks, that proprietary protocol and the very specific logic that they use.”
Hiscox, DVA and Cylus also worked closely with railway companies throughout the process, as Alexander Rassmann, head of liability and financial lines insurance at DVA, explained. This ensured that the policy was relevant to the companies and something they would use.
“This new policy has been developed in conjunction with railway companies and is tailor-made to provide cover for the unique cyber risks of rail companies,” Rassmann said.
“By combining Hiscox’s proven experience in insuring cyber risks and Cylus’s cutting-edge technology and domain expertise, DVA is able to offer its clients the protection they need.”