A discussion devoted to issues of cyber security in railway transport was held at in Scherbinka in south Moscow on 30 August 2017 within the framework of the International Railway Salon EXPO-1520.
Opening the discussion, Evgeny Charkin, Director of Information Technologies at Russian Railways, reminded the audience about the recent increase in the number of cyberattacks on information and control systems at industrial facilities. One of the most common attacks of the WannaCry virus, which took place on 12 May 2017, paralysed about 200,000 computers around the world.
“The virus also affected OJSC RZD, but the Company handled the attack very well. We are very involved in ensuring cyber security and work closely with antivirus software companies, which allows us to act quickly in emergency situations. As a result of that attack, not a single train was delayed, and the Company suffered no ill effects,” said Evgeny Charkin.
According to the Director of Information Technologies at Russian Railways, information security is one of the priorities of the Company’s digital transformation program. He reminded his listeners that OJSC Russian Railways is implementing a comprehensive programme called Digital Railways whose goal is to introduce a new culture of doing business based on IT-technologies.
The programme’s most important direction is the development of client services.
In the field of passenger transportation, the Company intends to provide passengers with an integrated platform for IT solutions that provides the ability to plan and book transportation, including multimodal and other related services, such as Wi-Fi on board trains en route, video content, entertainment content, E-commerce and travel services etc.
In the field of freight transport, an electronic trading platform has been launched to handle remote ordering, payments and the organisation of freight rail shipments with a full range of related services.
Further directions for digitalisation included transitioning to a system of train traffic control management, switching from the current accounting system to the intellectual management of technology and introducing a document processing system.
“If we create new opportunities and new technologies, new threats will inevitably emerge. We should take these risks into account. At the same time, the most important level of cyber security is to constantly increase the level of knowledge and skills of our employees - they must be more literate than the attackers, said Evgeny Charkin.