Taiwan HSR Hacked: Radio Spoofing Halts High Speed

A sophisticated radio signal spoofing attack forced three Taiwan High Speed Rail trains into emergency stops on the final night of the Qingming Festival holiday.

The malicious transmission triggered false alarms across the network, causing a nearly hour-long delay for passengers.

Authorities have since apprehended a 23-year-old college student in connection with the cyber-physical security incident.

The disruption centered around the manipulation of the rail network’s internal communication systems.

According to investigators, the attacker successfully cloned the radio signal of a Tetra mobile device.

Critical infrastructure and emergency services commonly use Tetra (Terrestrial Trunked Radio) systems for secure, two-way communication.

Taiwan High Speed Rail Spoofing hack

At 11:23 PM, the high-speed rail’s operations control center detected a General Alarm (GA) signal originating from Taichung Station.

These communication devices are strictly issued to personnel in controlled areas and feature a vital built-in alarm reporting function.

When station staff detects situations that endanger passenger safety, the system automatically broadcasts an emergency alert.

This signal simultaneously instructs train drivers in the affected sector to switch to manual emergency stop mode.

By maliciously spoofing this specific radio frequency, the suspect forced three separate trains to halt, resulting in a 48-minute system-wide delay.

Following the incident, the Taiwan High Speed Rail control center immediately audited its internal communication hardware.

After verifying that no authorized devices were missing, the operator confirmed the alarm was generated externally.

The company formally reported the security breach to the Railway Police Bureau and the Criminal Investigation Bureau’s Telecommunications Investigation Division.

The joint task force determined that the attacker exploited a computer system vulnerability to intrude into the core network, utilizing specialized electromagnetic interference equipment to execute the spoofing.

On April 28, law enforcement executed search warrants at three locations, including the suspect’s residence and workplace.

Officers successfully seized multiple pieces of wireless broadcasting equipment and electronic devices used during the attack.

Legal Consequences and Mitigation

According to a Newtalk report, a university student surnamed Lin was questioned by the Taoyuan District Prosecutors’ Office.

He currently faces charges under the Railway Act, as well as criminal code violations for endangering public transportation and deploying illegal signal-interference equipment.

Following his initial questioning, Lin was released on bail of NT$100,000 pending further legal proceedings.

In response to this cyber-physical intrusion, authorities emphasized the severe consequences of targeting critical transportation infrastructure.

The District Prosecutors’ Office warned that any attempts to obstruct public transit networks through hacking or radio interference will face aggressive prosecution.

Moving forward, security experts anticipate that Taiwan High Speed Rail will need to audit and reinforce its Tetra radio authentication protocols to prevent future unauthorized signal cloning.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.