The Real Impact and Cost of Rail Disruption

digital display of cyber monitoring on railway systems

Our trains continue to move away from their former image as smoke-billowing, piston-churning iron horses of the past as they become faster, more efficient, better for the environment, more digitized and more comfortable to drive and ride.

They are also increasingly susceptible to new threats, far more menacing than a penny on the tracks.

Just a few recent examples: In July of last year, the Iranian railway system reportedly experienced two back-to-back cyberattacks that delayed or canceled hundreds of trains. This past January, the Swiss Federal Railway was reportedly targeted by a cyberattack which luckily did not result in the intended data leak. And in the midst of current geopolitical tensions, many countries are bracing for the possibility of a cyberattack on railways or other critical infrastructure networks.

Why this sudden rise in digital train treachery? First, our railways are indeed critical infrastructure – key in the transport of hundreds of millions of people and of billions of dollars’ worth of goods and materials on a daily basis – making them a key target for bad actors. Second, the rise of digitalization and the increase in connectivity within railway systems has not only turned trains more into computers on wheels than iron horses, but has also simultaneously widened the attack surface for hackers, adding to the surge in cyberattacks.

Given their central role in keeping our economy rolling, the need for better cyber protection of our railway systems is clear. But what is the real impact and cost of these cyberattacks?

Passengers might be put in danger

Trains are a key artery for many cities, countries, even continents. Passengers rely on them to commute to work, visit relatives and friends, and simply move from point A to point B in a safe, timely and reliable manner. Between October 1 – December 31, 2021, there was a total of 285M rail passenger journeys in Great Britain alone.

With so many people reliant on railways, disruptions have the potential to endanger passengers themselves. Cyberattacks aimed at trains’ critical systems such as interlocking, point machines, light signals, braking systems, to name a few, could put passengers in harm’s way.

In addition, any rail disruption that impacts passenger safety – cyberattack or not – shakes the foundation of trust built between passengers and the rail system and can impact rail business in the short and long-term. And what hurts customer confidence always hurts revenue. In addition, whenever someone onboard a train gets injured – passenger or employee – the rail company needs to file insurance and compensation claims, pay legal and crisis management fees, and manage all of the other long-term implications.

Rail companies’ bottom lines

The financial implications of a rail disruption or shutdown could amount to significant sums –the exact amount depending on the type and length of the disruption. The pandemic has given us a more tangible glimpse into what disruption can cost rail companies in this day and age. Take rail operator Deutsche Bahn, hard-hit for 18 months by the pandemic, lockdowns, and plummeting passenger numbers. They needed a multi-billion Euro bailout to get back on track.

The immediate impact on rail companies’ bottom lines in the aftermath of a cyberattack or other disruption can result from direct revenue loss due to unsold tickets or refunded ticket prices and freight charges that were not collected. Additional expenses can include paying for damage control like public relations, crisis management or legal services to salvage the railway companies’ reputation and costly repairs to physically damaged infrastructure.

Maintaining customer confidence is key to maintaining customer lifetime value (CLTV) and railway business continuity. Rail disruption impacting passenger safety or slowing down rail service – preventing passengers from getting on with their busy days – has the potential to derail the foundation of trust between rail companies and the public  and tarnish railway companies’ reputations.

Even on the off chance that a railway company’s reputation remains unharmed, there’s a good chance that the company will need to increase its operational costs in the wake of a cyberattack. This may include increased mechanical or equipment costs as well as the cost of an in-depth forensic investigation, patching and remediation, and additional SOC services.

Though it may not result in physical damage, a “close call” is still costly for rail companies because they are required to implement reactive measures such as reporting, root-cause analysis, and additional training.

The far-reaching impact of rail disruption

Rail disruption has the potential to ripple far beyond the confines of railway systems themselves, often with significant economic implications.

If commuters can’t get to work, that in itself spurs significant economic loss throughout the economy. Absences from work – due to sick days and more – cost UK businesses approximately 14 billion euros every year.

In addition, if freight trains cannot move enough goods, there can be cascading supply chain interruptions, production stoppages and ultimately lost revenue. Up to $4 trillion in revenue may have been lost due to supply chain disruptions in 2021 according to a GEP-commissioned survey of US and European C-suite executives. Railways are only a piece of the supply chain puzzle, but there’s no doubt that the compounding effects of bottlenecks in the supply chain are economically detrimental – yet another difficult lesson the pandemic has spotlighted.

Since railway systems are becoming more and more digitized, cyberattacks or disruptions of any kind can have significant ramifications on passenger safety, rail companies’ bottom lines as well as on the stability of the global supply chain.

That is why railway companies worldwide have been implementing robust, tailor-made solutions that strengthen their safety and security postures and meet evolving regulations in order to keep on track in this new digital age.


* indicates required