Student Hacked Taiwan High-Speed Rail to Trigger Emergency Brakes

Taiwan's high‑speed rail (THSR) carries over 80 million passengers annually, making its reliability a national priority. The network relies on a TETRA (Trans‑European Trunked Radio) system that has been in place for nearly two decades, providing voice and data links for train control and emergency signaling. While TETRA is praised for its robustness in mission‑critical environments, the THSR implementation suffered from stagnant cryptographic parameters, a common oversight in legacy systems that can render them susceptible to modern radio‑frequency attacks.

The incident unfolded when a university student leveraged an inexpensive software‑defined radio and handheld transceivers to replay a high‑priority alarm code. By cloning an unassigned beacon and exploiting the unchanged encryption keys, he triggered the automatic emergency‑brake protocol on four trains, causing a 48‑minute service interruption. This low‑cost, high‑impact attack underscores a broader trend: cyber‑physical threats to transportation are no longer limited to sophisticated nation‑state actors. Hobbyist‑level tools can now compromise safety‑critical communications if operators fail to rotate keys, enforce mutual authentication, and monitor anomalous radio traffic.

In response, Taiwanese authorities seized the suspect's equipment, launched a criminal investigation, and faced public criticism over systemic negligence. The case serves as a cautionary tale for rail operators worldwide, urging immediate audits of radio‑based control systems, adoption of dynamic key management, and integration of intrusion‑detection capabilities. As governments invest heavily in rail modernization, embedding cybersecurity by design will be essential to safeguard passengers and maintain public trust.