Sam L Barker explains how the Flynet Viewer Terminal Emulator can help tackle railway industry security issues and aid in digitisation projects
Terminal emulators are used to access green-screen legacy systems such as Mainframe, IBMi or Unix. Often these systems have been in use by organisations for decades, and are still prized for their security, throughput and performance. Such is their continued functionality that green-screen legacy systems are used by 71 per cent of FTSE 100 Companies. They are also used widely across Government, infrastructure and transport networks. Being able to access and interact with data from such legacy systems via a performant terminal emulator can bring huge benefits to organisations.
Despite the benefits of their legacy system many railway operators may not have audited their terminal emulator in years- reducing efficiency and increasing costs and security threats. Emulators may have been purchased on a perpetual licence and not upgraded or serviced properly in years. The emulator might only be accessible on one type of device, browser or operating system and the security elements of the emulator may now be defunct, creating a larger digital threat surface for the railway operator, which many groups are increasingly looking to exploit.
These issues are compounded by the increasing awareness of how vulnerable national infrastructure is to cyberattack. Moody’s have warned that infrastructure is a prime target, highlighting the potential to cause maximum disruption and panic amongst the public. The reality of disruptive cyberattacks on railway systems was highlighted in 2017 during a WannaCry attack on Deutsche Bahn. The hack led to customer information boards being taken over by warning screens from hackers, demanding payment to restore services. This prompted panic among passengers and the episode has been described as a ‘wakeup call’ to railway operators with regards to cyber-security.
The 2020 SolarWinds hack also highlighted how vulnerable organizations are to supply-chain attacks targeting insecure third-party software. So severe was the fallout of the SolarWinds hack that President Joe Biden recently issued the ‘Executive Order on Improving the Nation’s Cybersecurity’, ordering all federal departments to commit to increasing their cyber security. With the ultimate goal that this strengthening would also trickle throughout the nation’s private sector.
This ongoing threat to national and international security has been brought to the fore by campaigns conducted by North Korean and Russian Active Persistent Threat (APT) hacker groups. These groups have identified terminal emulators as a potential weak spot in organisations, as a recent campaign by the North Korean Lazarus Group shows. The group used a compromised version of the PuTTY terminal emulator to infect targeted organisational systems. The group has already been successful in compromising a number of media, defence and aerospace organisations and the number of victims is likely to grow. Such open-source emulators should clearly not be considered for use by enterprises or large organisations.
Protecting Your Organisation
By contrast Flynet Viewer TE Terminal Emulator is a fully secure pure-html emulator, meeting the highest of security standards. Flynet is centrally maintained, meaning that updates and patches can be rolled out to users regardless of userbase size with no unnecessary downtime. This secures organisations from attack and keeps them compliant with security standards such as the PCI DSS Payment Card Industry Data Security Standard (PCI DSS). This centralisation also allows for better user auditing and visibility of how many connections are being used
Flynet being pure-html also means it does not rely on the Java or Active X plugins, which some popular enterprise-level terminal emulators still use. These plugins are no longer supported by the major browsers and Oracle have now deprecated the Java Applet, which they will no longer be supporting, or patching. As such continued use of plugin and app-based emulators further increases an organisation’s threat surface.
Flynet has been fully penetration tested by KPMG. All Flynet Viewer communications made between the server and host are secured with the latest SSL, TLS and HTTPS standards. Flynet support multi-factor authentication and all of the most common IAM and SSO solutions, with templates available for integration. This security portfolio guarantees the highest level of security from the Flynet emulator and exemplifies why Flynet is trusted by the world’s largest banks, insurers, governments, and infrastructure organisations.
The railway industry is currently undergoing enthusiastic digitisation drives. Numerous studies have shown the benefits to be unlocked from digitisation, including: replacing signal boxes with digital control centres, upgrading security systems, harmonising standards across multiple-markets and increasing automated processes. Studies by the German Transport Ministry and McKinsey have suggested that digitisation could increase overall railway capacity by over 20 per cent, without any additional track needing to be built. Digitisation also presents a path forward for railway operators to future-proof their systems while ensuring lower CO2 emissions.
While digital transformation projects can be ambitious, sometimes taking years, their ultimate benefits are clear: greater efficiency and capacity for railways, lower costs, improved punctuality and higher environmental standards.
The specific goals of each organisation are different. Some working processes may be mandated by union activity, which is an understandable element which must be factored in. Flynet have previously worked with railway operators using pen-and-paper based interactions with their legacy systems. Collecting and recording data by hand and then inputting the results into the green-screen system one piece at a time. Flynet can fit right into these existing processes, but also help upgrade them, providing access from any device as changes to working practices can be negotiated.
Flynet can aid in digitisation projects. The web-based deployment of Flynet Viewer TE Terminal Emulator allows access on any device with a web browser, from desktop to laptop, mobile and tablet. It also allows for usage on many different operating systems including Windows, Mac, Android and beyond. This is especially important for organisations which require access across a diverse userbase. Flynet also helps users reconnect seamlessly with dropped legacy systems connections, without disruption. This has traditionally been a time-consuming problem for users who are frequently in underground or tunnel environments with unstable internet access.
Flynet’s portfolio extends beyond terminal emulation to further support and empower rail digitisation. The portfolio includes low-code user experience (UX) suites, which allow organisations to modernise multiple black-and-green screens with convoluted paths. Transforming them into a single, full colour modern web page and allowing employees to interface with it as they would any other website. Flynet’s web services integration can also allow for the automation and integration of legacy applications, data and processes and help aid in digitisation efforts.
The combination of Flynet’s security portfolio alongside its functionality upgrades makes Flynet an excellent choice of terminal emulator. Maintaining the security and stability of existing legacy systems and work processes, while allowing for modernisation and dynamism. By protecting and modernising your railway terminal emulator, Flynet can provide a cost-effective solution with zero downtime, deployed in days.
Sam L Barker is a product consultant at Flynet, helping organisations to modernise their legacy systems. He is also a writer focusing on the areas of technology and international business. He lives in Cambridge UK and you can find him on LinkedIn.