Network Rail’s Wi-Fi Suffers UK Outage at 19 Stations Due to Rogue Employee
The company that owns and manages most of the railway network in Great Britain, Network Rail, suffered a major service outage on their national Wi-Fi network this week, which began on Wednesday and impacted 19 stations. But it appears to have been caused by an “employee of Global Reach [who] corrupted the system“.
Commuters began noticing that something was amiss at around 5pm on Wednesday, after many of them reported seeing messages about terror attacks being displayed as they logged onto the public Wi-Fi service at Network Rail managed stations. In response, Telent, which provides the service, promptly suspended it to investigate a possible “cyber security incident” against their systems.
However, the messages, which appeared to be Islamophobic in nature and referenced the 2017 Manchester Arena bombings, had not been posted by hackers. Investigations by Telent quickly established that no other services or networks provided by Telent were directly impacted and the “incident was not a result of a network security breach or a technical failure and no personal data had been affected“, said Telent.
Advertisement
Instead, the defacement seems to have been introduced by an employee working within the chain of associated companies.
Telent worked together with Network Rail, Global Reach and the British Transport Police to investigate the incident.
The system that manages the connection of users to the Wi-Fi is provided by Global Reach. It was established that an employee of Global Reach corrupted the system so that messages about past terrorism attacks were displayed as users logged on to the Wi-Fi. On the evening of Thursday 26 September the employee of Global Reach was arrested on suspicion of offences under the Computer Misuse Act 1990 and offences under the Malicious Communications Act 1988.
Working closely with Network Rail, Telent are now finalising plans to begin restoring the Wi-Fi service across all Network Rail managed stations.
The British Transport Police have since posted a statement of their own to confirm that a man has been arrested as part of their investigation into the abuse of access to some Network Rail Wi-Fi services. “The man is an employee of Global Reach Technology who provide some Wi-Fi services to Network Rail. He has been arrested on suspicion of offences under the Computer Misuse Act 1990 and offences under the Malicious Communications Act 1988,” said the BTP.
The abuse of access is said to have been restricted to the defacement of the splash (Wi-Fi login) pages, and no personal data is known to have been affected. The event occurred in the same month as Transport for London (TfL) was hit by an actual cyber-attack, which may have breached customers’ private details. A teenager from Walsall in the West Midlands was later arrested in connection with that attack.
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on X (Twitter), Mastodon, Facebook, BlueSky, Threads.net and Linkedin.
« UK ISP Gigaclear Nearly Complete Fastershire FTTP Broadband Rollout UPDATE
Am I reading the article title wrong? First I thought WiFi has to be shut down because it was used to abuse Network Rail staff somehow but instead a contractor’s staff abused their access to the system.
Initial reports suggested a “hack” or “outage” but it later transpired to be someone with a login abusing their power. Maybe it’s time that the WiFi providers consider adding some sort of two person verification and authorisation before messages can be put up to avoid this happening again?
I’m watching Nightsleeper on the BBC , trains and signalling will be next; should have stayed ‘Solud state’!
That was such an over the top show IMO. It had its moments but it seemed like they went for every action film cliche they could.
The Driver is at it again!
People use station wifi?