Hackers Claim Train Manufacturer Disabled Units Serviced at Independent Repair Shops
A group of white-hat hackers trying to help a small regional railway say the trains were programmed to break down after being serviced at third-part shops.
A train manufacturer in Poland is at the center of a fascinating right-to-repair controversy after a group of white-hat hackers accused it of remotely bricking trains that a regional rail operator had serviced at independent repair shops. After getting them running again, the hackers allege the manufacturer added "workshop-detection" code to the trains' software that triggered the breakdowns, leading the company to threaten a lawsuit and claim the allegations are completely wrong.
Poland's Rynek Olejowy reports that rail operator Lower Silesian Railways (or Koleje Dolnośląskie) has been in a spat with Newag, producer of its Impuls 45WE hybrid multiple units. In June 2022, the railroad reportedly experienced multiple no-start failures with these trainsets in unrelated circumstances. In one case, the train stopped working after sitting out of service for a period, while in another it occurred following service at an independent train repair shop, SPS. Both reportedly resulted in fewer trains running than scheduled, impacting passenger service. (One Chinese railway had a similar incident when Adobe Flash was shut down.)
Newag reportedly claimed the trains had self-deactivated when their security software had been tampered with. However, a group of benevolent "white hat" hackers called Dragon Sector who were hired by SPS to assist have offered their own explanation: Newag used DRM to frustrate third-party repair efforts.
As reported in Polish outlet Onet, Dragon Sector said the trains were programmed to engage a software lockdown if they sat stationary for more than 10 days. This is believed to be an attack on independent repair, which has become a major battleground in recent years between consumers and companies like Apple, John Deere, and many across the car industry. Right-to-repair is combated in a variety of ways, from proprietary software and encryption that can only be read by the company itself to "parts pairing" according to 404 Media—a security measure against third-party service.
Not only does this make some devices impossible for the average user to repair, but it also can stop independent shops from fixing them at a lower cost than the manufacturer would demand. In extreme cases, this can leave consumers with no recourse if a manufacturer decides the product can't be repaired, and must be replaced at greater cost.
Newag's software locks reportedly go further than disabling trains that haven't been moved recently, though. Its programming is said to be more sinister, activating if a train parks at preset GPS locations that line up with indie shops around Poland. At least one location reportedly included a shop that was still under construction as of the programming's discovery.
Zaufana Trzecia Strona also reports that repair countermeasures would activate if parts were replaced without performing a hidden unlock sequence in the train's computer. Code was also reportedly found that would shut the train down after exceeding one million kilometers, and technicians also reportedly found hardware that could let Newag remotely interact with the train. (Removing it reportedly caused no functional problems.) At least 10 Polish railroads have reportedly contacted Dragon Sector for assistance with malfunctioning Newag trains.
Newag has denied the accusations against it, reportedly accusing SPS of failing to repair the faulty train and starting a "conspiracy theory." The train was reportedly repaired and returned to service. Newag reportedly alleges the story is "slander" from competitors engaged in an "illegal black PR campaign." 404 Media reports Newag has also threatened to sue Dragon Sector, which told the outlet it thinks Newag is bluffing to intimidate it.
Got a tip or question for the author? You can reach them here: james@thedrive.com
