--- title: "Student Arrested After Cyberattack on High Speed Rail in Taiwan" date: 2026-05-06 author: "Sofia Ramirez" featured_image: "https://sqmagazine.co.uk/wp-content/uploads/2026/05/student-arrested-in-taiwan-after-high-speed-rail-network-spoofing.jpg" categories: - name: "Cybersecurity" url: "/cybersecurity.md" tags: - name: "News" url: "/tag/news.md" --- # Student Arrested After Cyberattack on High Speed Rail in Taiwan A cyberattack on Taiwan’s high speed rail network forced multiple trains into emergency stops after a university student allegedly hacked into the railway’s radio communication system. ## Quick Summary – TLDR: - Taiwan High Speed Rail suffered a major cyberattack during the Qingming Festival holiday period. - A 23 year old university student allegedly spoofed emergency radio signals to stop multiple trains. - The disruption caused nearly 48 minutes of delays and triggered a large police investigation. - Authorities are now reviewing the security of the railway’s TETRA communication system. ## What Happened? Taiwanese authorities have arrested a 23 year old university student accused of hacking into the communication system used by **Taiwan High Speed Rail**. The attack triggered false emergency alerts that forced several trains to stop suddenly during one of the country’s busiest travel periods. The incident happened on April 5 and caused major delays across the rail network. Investigators say the suspect used radio spoofing tools and software defined radio equipment to imitate official railway communication signals. > 🚨🇹🇼 BREAKING: A 23-year-old college student in Taiwan brought three high-speed trains to an emergency stop by hijacking the rail network’s radio communications. > > A month ago Taiwan High Speed Rail Corp’s operations control center received an alarm from what appeared to be a… [pic.twitter.com/W8O7yaWJL2](https://t.co/W8O7yaWJL2) > > — International Cyber Digest (@IntCyberDigest) [May 5, 2026](https://twitter.com/IntCyberDigest/status/2051627402531409944?ref_src=twsrc%5Etfw) ## How the Cyberattack Disrupted Taiwan’s Rail Network? According to prosecutors, the suspect managed to access part of the railway’s operational technology and communication infrastructure by exploiting vulnerabilities inside a computer system connected to the network. Authorities say the attacker targeted the railway’s **TETRA radio communication system**, which is commonly used in public transportation and emergency response networks around the world. TETRA devices are normally restricted to authorized railway staff and contain a special emergency reporting function designed for critical situations. Investigators revealed that the suspect allegedly cloned a legitimate radio signal and broadcast a fake “**General Alarm**” signal near Taichung Station. Inside the THSR system, this alert is treated as the highest level emergency warning. Once the signal was triggered, nearby train operators were automatically instructed to switch to manual emergency stop procedures. Reports indicate that three to four high speed trains were affected during the incident. The emergency stop caused delays of approximately 48 minutes while railway operators inspected tracks and verified passenger safety. ## SDR Equipment and Radio Spoofing Allegedly Used Police believe the student used **Software Defined Radio equipment**, handheld radios, a laptop, and antenna hardware to monitor and manipulate railway radio communications. Investigators also suspect the attacker may have listened to encrypted radio traffic before programming copied system parameters into another radio device capable of impersonating official railway equipment. During raids carried out on April 28, authorities searched the suspect’s home, rented apartment, and workplace. Officers reportedly seized multiple electronic devices, wireless broadcasting hardware, and eleven handheld radios connected to the investigation. The suspect was later released on **NT$100,000 bail** after questioning. ## Questions Raised Over TETRA Security The incident has also renewed concerns about vulnerabilities inside older TETRA communication systems. Security researchers discovered major weaknesses in some **TETRA encryption algorithms** back in 2023. Some experts now suspect the Taiwan railway system may have relied on weak or outdated encryption methods that could have allowed the spoofing attack to succeed. Officials have not confirmed whether the suspect directly exploited those known vulnerabilities. However, investigators are reviewing whether the rail system used insufficient encryption protections or poorly secured radio authentication mechanisms. The railway control center reportedly became suspicious after trying to verify the emergency alert over radio communication. Authorities said the person responding to the call gave inconsistent answers before disconnecting the transmission entirely. An internal equipment audit later confirmed that no official TETRA devices had been stolen, leading investigators to conclude that the emergency signal had been generated externally. ## Authorities Warn Against Infrastructure Attacks Taiwan’s Taoyuan District Prosecutors’ Office described the incident as a serious threat to public transportation safety. Chief Prosecutor Chang Chun hui assigned a special investigative team involving the Railway Police Bureau and the Criminal Investigation Bureau’s Electronic Investigation Brigade. The student now faces multiple charges under Taiwan’s Railway Act and Criminal Code, including unauthorized system intrusion, interference with communication systems, and actions that endangered public transportation safety. Local reports suggest he could face up to ten years in prison if convicted. Authorities also issued a public warning stating that any attempts to interfere with critical infrastructure systems through hacking or radio manipulation will be prosecuted aggressively. ## SQ Magazine Takeaway I think this incident is a wake up call for railway operators everywhere. Many transportation systems still depend on legacy communication technology that was designed years before [modern cyber threats](https://sqmagazine.co.uk/cyber-threat-statistics/) became this advanced. What makes this case alarming is not just the disruption itself, but how relatively accessible the tools appear to have been. If a university student with off the shelf radio equipment can stop high speed trains, governments and transit operators need to rethink how secure these systems really are.