We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Cylus- Cyber Security Solutions for the Railway Industry

Ditsa Keren Technology Researcher

As railways progress to automated and wireless technologies, their most safety-critical assets are exposed to new and dangerous types of cyber threats. Cylus is a cybersecurity startup dedicated to addressing the security challenges of the railway industry, led by senior officers from the IDF’s elite Intelligence Corps, who leverage their combined experience designing cutting-edge cybersecurity solutions. We spoke with Cylus CEO Amir Levintal to learn about the challenges and oportunities in the era of connected railways.

What was your background prior to founding Cylus?

I served in the elite technological unit of the IDF for 22 years. My most recent role there was Director of the Cyber R&D Division, where I led a team of cybersecurity experts and software engineers. During my military service, I gained extensive experience leading numerous advanced R&D projects and managing groups of highly talented and motivated teams who developed groundbreaking, mission-critical projects. My cofounder, Miki Shifman, who served in the same elite unit, brings vast hands-on experience leading R&D teams in cybersecurity – on both the system and architectural levels.

In early 2017, we began exploring the rail industry and the new technologies which have been introduced into the industry over the past years such as control systems, remote monitoring, remote maintenance, passenger Wi-Fi and other new digital technologies and services.  What we discovered was that railway systems are becoming more and more “connected,” exposing safety-critical assets to malicious cyberattacks. These attacks have the potential to threaten passenger safety, disrupt service, and cause severe economic damage.

For example, ERTMS is a technology which controls trains over a wireless channel. The control center can see all the trains in the network, with the ability to increase trains’ speed or stop them altogether. The center controls the train through GSM-R, a technology which is very similar to the second generation of the mobile network which consumers utilize for their smartphones. In 2010, this was considered a cutting-edge technology. But today, it's an outdated technology with several known vulnerabilities that can be used by hackers to take control of trains.

Given the increased “connectedness” of railway control systems, and the fact that the rail industry is such a “high-quality” target, it comes as no surprise that there have been several reported cyber-attacks on the rail industry. In 2016, there were four reported cyber-attacks on trains across the UK, and trains in South Korea were also hit. Given the increasing vulnerabilities and dangers, we tried to understand if there were any available solutions for this industry to keep our trains safe. However, we couldn't find a single company dedicated to keeping passengers and trains protected from malicious cyber-attacks.

The absence of any solution led us to found Cylus at the beginning of 2017. We raised $4.7 million from a number of leading VCs including Vertex and Magma along with leading technology investor and entrepreneur Zohar Zisapel and started to develop our solution.

What are the main features of the Cylus solution?

Our unique cybersecurity solution enables rail companies to detect cyber-attacks in their operational network, including their signaling systems and rolling stocks, and block attackers before they can cause any damage.  Our cybersecurity system captures data from the operational network and sends it to a server on premises. We then analyze the data and detect traces of attacks within the data, based on our unique research and understanding of rail-specific technologies. Once we detect an attack, we alert the operator and give them actionable insights on how to mitigate the attack. Our overarching approach is that we look at the network as a whole, not as individual components, inspecting all the layers of the network architecture. We analyze the network by understanding the behavior of the train and the track side components, and once we find abnormal activity, we notify the operator that there’s a problem.

One of the benefits associated with this non-invasive methodology is its capability to address emerging vulnerabilities promptly. Rail companies prioritize passenger safety, which necessitates a lengthy approval process for new software patches, sometimes spanning months or even years. While this process is crucial for ensuring safety, it presents cybersecurity challenges. In the event that a malicious actor discovers a vulnerability and publicizes it online, it would take several months for the component manufacturer to authorize a new patch. However, at Cylus, we uphold real-time signature updates, enabling the immediate detection of attackers attempting to exploit vulnerabilities without any delay.

Do you monitor ticketing data as well?

We verify that no one is tampering with the entire operational network, including the trains themselves, the tracksides, and all other components which allow rail companies to improve service and maintain passenger safety. The ticketing system, while crucial, doesn’t bear on the safety of the railway system and availability of service.

Our clients are the rail companies themselves. We service two types of customers in specific: First, infrastructure managers who are responsible for the tracks and other components that control the trains; second, the companies that operate the trains. Since both companies are responsible for safety, they both invest heavily in this field. Today, all train executives realize that cybersecurity is one of the important pillars of safety in the railway industry. With hundreds of millions of train and metro passengers every day throughout the world, the need for more robust network security has never been more critical.

How do you see the future of the connected rail industry?

In the future, all modes of transportation will be connected. For example, commuters may have one route that includes autonomous cars as well as trains and airplanes. There will be synchronization between all modes of transportation both within country limits and between countries as well.

In Europe, trains are already fully connected with complex cross-country networks. In the future, we will see even more connectivity. There will be an increasing level of technologies that improve passenger experience. It may have begun with WiFi, but in the near future, there will be even more services available to commuters because the rail industry is a competitive landscape. Just as the automotive and airline industries have improved their passenger experience, the railway industry will also provide passengers with similar technologies to the ones we see in cars and planes. Services available to customers will be even better than today, and this includes the efficiency of the trains themselves. Trains will be more frequent because most will be controlled by computers, and computers will be able to decrease distance between trains. Trains will be safer, more comfortable and enjoyable, and more efficient, thanks to computers and connectivity.

With these new technologies being integrated into the rail network, we need to be prepared for the future. As we have mentioned, with connectivity comes vulnerability, and more and more trains will become targets for hackers. Over the coming years, rail companies will need to improve the safety of their networks, and we at Cylus are excited to be an integral part of this process – helping protect our trains, and their riders.

We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

About the Author

Ditsa Keren is a cybersecurity expert with a keen interest in technology and digital privacy.

Did you like this article? Rate it!
I hated it! I don't really like it It was ok Pretty good! Loved it!
out of 10 - Voted by users
Thank you for your feedback

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Please enter a valid email address