Taiwan High Speed Rail Hacked Using Radio Signal Spoofing Attack That Halted Three Trains

Discover more Home security systems Network security solutions Antivirus & Malware HomeCyber Security News Taiwan High Speed Rail Hacked Using Radio Signal Spoofing Attack That Halted Three Trains By Abinaya May 6, 2026 On the final night of the Qingming Festival holiday, three Taiwan High Speed Rail trains were forced into emergency stops due to a sophisticated radio signal spoofing attack. The malicious transmission triggered false alarms across the network, causing a nearly hour-long delay for passengers. Authorities have since apprehended a 23-year-old college student in connection with the cyber-physical security incident. The disruption centered around the manipulation of the rail network’s internal communication systems. According to investigators, the attacker successfully cloned the radio signal of a Tetra mobile device. Critical infrastructure and emergency services commonly use Tetra (Terrestrial Trunked Radio) systems for secure, two-way communication. Taiwan High Speed Rail Spoofing hack At 11:23 PM, the high-speed rail’s operations control center detected a General Alarm (GA) signal originating from Taichung Station. These communication devices are strictly issued to personnel in controlled areas and feature a vital built-in alarm reporting function. When station staff detects situations that endanger passenger safety, the system automatically broadcasts an emergency alert. This signal simultaneously instructs train drivers in the affected sector to switch to manual emergency stop mode. By maliciously spoofing this specific radio frequency, the suspect forced three separate trains to halt, resulting in a 48-minute system-wide delay. Following the incident, the Taiwan High Speed Rail control center immediately audited its internal communication hardware. After verifying that no authorized devices were missing, the operator confirmed the alarm was generated externally. The company formally reported the security breach to the Railway Police Bureau and the Criminal Investigation Bureau’s Telecommunications Investigation Division. The joint task force determined that the attacker exploited a computer system vulnerability to intrude into the core network, utilizing specialized electromagnetic interference equipment to execute the spoofing. On April 28, law enforcement executed search warrants at three locations, including the suspect’s residence and workplace. Officers successfully seized multiple pieces of wireless broadcasting equipment and electronic devices used during the attack. Legal Consequences and Mitigation According to a Newtalk report, a university student surnamed Lin was questioned by the Taoyuan District Prosecutors’ Office. He currently faces charges under the Railway Act, as well as criminal code violations for endangering public transportation and deploying illegal signal-interference equipment. Following his initial questioning, Lin was released on bail of NT$100,000 pending further legal proceedings. In response to this cyber-physical intrusion, authorities emphasized the severe consequences of targeting critical transportation infrastructure. The District Prosecutors’ Office warned that any attempts to obstruct public transit networks through hacking or radio interference will face aggressive prosecution. Moving forward, security experts anticipate that Taiwan High Speed Rail will need to audit and reinforce its Tetra radio authentication protocols to prevent future unauthorized signal cloning. Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories. Tags cyber security cyber security news Copy URL Linkedin Twitter ReddIt Telegram Abinayahttps://cybersecuritynews.com/ Abi is a Security Editor and fellow reporter with Cyber Security News. She is covering various cyber security incidents happening in the Cyber Space. Trending News Threat Actors Use AI to Automate 0-Day Discovery and Exploitation at Machine Speed cPanelSniper – PoC Exploit Disclosed for cPanel Vulnerability, 44,000 Servers Compromised Ransomware Victims Jump to 7,831 as AI Crime Tools Scale Global Attacks CISA Warns of Linux “Copy Fail” 0-Day Vulnerability Exploited to Root Systems Silver Fox Uses Fake Tax Notices to Deploy ValleyRAT and New ABCDoor Backdoor Latest News ANY.RUN New Phishing-to-RMM Attacks: How Analysts Can Detect Trusted-Tool Abuse Early  Cyber Attack News Hackers Use Microsoft Teams to Steal Credentials and Manipulate MFA Cyber Security News New Fanwei E-cology10 Server Vulnerability Could Let Attackers Hijack Sessions and Steal Credentials Cyber Security News Salesforce Marketing Cloud Vulnerability Opened Door to Email Data Exposure Cyber Security News Malicious OpenClaw DeepSeek Skill Exploits Agentic AI Workflows to Deliver RAT and Stealer