Hackers can use just a radio to cause train accidents in US, CISA explains how

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a key train system in the US. The warning specifically concerns the End-of-Train and Head-of-Train protocol, which the agency claims could be hacked using only a radio. This vulnerability stems from the system’s lack of encryption and authentication protocols. The flaw involves the communication between a Flashing Rear End Device (FRED), or End-of-Train (EOT) device, attached to the back of a train, and a corresponding Head-of-Train (HOT) device in the locomotive. Installed in the 1980s to replace caboose cars, these devices can transmit data via radio signals, where commands can also be sent to the FRED to apply brakes at the rear of the train.