Experts say focus on safety has not kept pace with expansion
Government says data shows no major accident for years
NEW DELHI, June 3 (Reuters) – India’s vast rail network is undergoing a $30 billion transformation with gleaming new trains and modern stations but Friday’s deadly train accident shows more attention should be paid to safety, industry analysts said.
At least 288 people were killed in the country’s worst rail accident in over two decades after a passenger train went off the tracks and hit another in the eastern state of Odisha.
State monopoly Indian Railways runs the fourth largest train network in the world. It transports 13 million people every day and moved nearly 1.5 billion tonnes of freight in 2022.
Long considered the lifeline of the world’s most populous country, the 170-year-old system has seen rapid expansion and modernisation under Prime Minister Narendra Modi’s push to boost infrastructure and connectivity in the fast-growing economy.
This year, the government made a record 2.4-trillion-rupee ($30 billion) capital outlay for the railways, a 50% increase over the previous fiscal year, to upgrade tracks, ease congestion and add new trains.
A new, semi-high-speed train built in India and called the “Vande Bharat Express”, or “Salute to India Express”, is showcased as evidence of this modernisation, with Modi himself flagging off the first journeys of many of the trains around the country.
But Friday’s crash has come as a jolt to this makeover, experts said.
“The safety record has been improving over the years but there is more work to do,” said Prakash Kumar Sen, head of the department of mechanical engineering at Kirodimal Institute of Technology in central India and lead author of a 2020 study on “Causes of Rail Derailment in India and Corrective Measures”.
“Human error or poor track maintenance are generally to blame in such crashes,” Sen said.
The railways have been introducing more and more trains to cope with soaring demand but the workforce to maintain them has not kept pace, he said.
Workers are not trained adequately or their workload is too high, and they don’t get enough rest, Sen said.
The east coast route on which Friday’s crash occurred, is one of the country’s oldest and busiest, as it also carries much of India’s coal and oil freight, he said.
“These tracks are very old … the load on them is very high, if maintenance is not good, failures will happen,” Sen said.
‘GOOD SAFETY RECORD’
Indian Railways maintains that safety has always been a key focus, and points to its low accident rate over the years.
“This question (on safety) is arising because there has been one incident now. But if you see the data, you will see that there have been no major accidents for years,” a railways ministry spokesperson said.
The number of accidents per million train kilometres, a gauge of safety, had fallen to 0.03 in fiscal 2021-22 from 0.10 in 2013-14, the spokesperson said.
A 1-trillion-rupee, five-year safety fund created in 2017-18 has been extended for another five years from 2022-23, with a further 450 billion rupees of funding, after the first plan led to an “overall improvement in safety indicators”, he added.
“Some malfunction has happened and that the inquiry will reveal,” he said, referring to Friday’s crash. “We will find out why it happened and how it happened.”
Srinand Jha, an independent transport expert and author at the International Railway Journal, said the railways have been working on safety mechanisms such as anti-collision devices and emergency warning systems but have been slow to install them across the network.
“They will always tell you that accidents are at a very manageable level because they talk about them in terms of percentages,” Jha said, adding that in recent years the focus has been more on new trains and modern stations and not as much on tracks, signalling systems and asset management.
“This accident brings out the need to focus more on these aspects,” he said.
Hit finance ministry, president’s office, spy agency and others
Sources believe Beijing was seeking info on debt
NAIROBI, May 24 (Reuters) – Chinese hackers targeted Kenya’s government in a widespread, years-long series of digital intrusions against key ministries and state institutions, according to three sources, cybersecurity research reports and Reuters’ own analysis of technical data related to the hackings.
Two of the sources assessed the hacks to be aimed, at least in part, at gaining information on debt owed to Beijing by the East African nation: Kenya is a strategic link in the Belt and Road Initiative – President Xi Jinping’s plan for a global infrastructure network.
“Further compromises may occur as the requirement for understanding upcoming repayment strategies becomes needed,” a July 2021 research report written by a defence contractor for private clients stated.
China’s foreign ministry said it was “not aware” of any such hacking, while China’s embassy in Britain called the accusations “baseless”, adding that Beijing opposes and combats “cyberattacks and theft in all their forms.”
China’s influence in Africa has grown rapidly over the past two decades. But, like several African nations, Kenya’s finances are being strained by the growing cost of servicing external debt – much of it owed to China.
The hacking campaign demonstrates China’s willingness to leverage its espionage capabilities to monitor and protect economic and strategic interests abroad, two of the sources said.
The hacks constitute a three-year campaign that targeted eight of Kenya’s ministries and government departments, including the presidential office, according to an intelligence analyst in the region. The analyst also shared with Reuters research documents that included the timeline of attacks, the targets, and provided some technical data relating to the compromise of a server used exclusively by Kenya’s main spy agency.
A Kenyan cybersecurity expert described similar hacking activity against the foreign and finance ministries. All three of the sources asked not to be named due to the sensitive nature of their work.
“Your allegation of hacking attempts by Chinese Government entities is not unique,” Kenya’s presidential office said, adding the government had been targeted by “frequent infiltration attempts” from Chinese, American and European hackers.
“As far as we are concerned, none of the attempts were successful,” it said.
It did not provide further details nor respond to follow-up questions.
A spokesperson for the Chinese embassy in Britain said China is against “irresponsible moves that use topics like cybersecurity to sow discord in the relations between China and other developing countries”.
“China attaches great importance to Africa’s debt issue and works intensively to help Africa cope with it,” the spokesperson added.
THE HACKS
Between 2000 and 2020, China committed nearly $160 billion in loans to African countries, according to a comprehensive database on Chinese lending hosted by Boston University, much of it for large-scale infrastructure projects.
Kenya used over $9 billion in Chinese loans to fund an aggressive push to build or upgrade railways, ports and highways.
Beijing became the country’s largest bilateral creditor and gained a firm foothold in the most important East African consumer market and a vital logistical hub on Africa’s Indian Ocean coast.
By late 2019, however, when the Kenyan cybersecurity expert told Reuters he was brought in by Kenyan authorities to assess a hack of a government-wide network, Chinese lending was drying up. And Kenya’s financial strains were showing.
The breach reviewed by the Kenyan cybersecurity expert and attributed to China began with a “spearphishing” attack at the end of that same year, when a Kenyan government employee unknowingly downloaded an infected document, allowing hackers to infiltrate the network and access other agencies.
“A lot of documents from the ministry of foreign affairs were stolen and from the finance department as well. The attacks appeared focused on the debt situation,” the Kenyan cybersecurity expert said.
Another source – the intelligence analyst working in the region – said Chinese hackers carried out a far-reaching campaign against Kenya that began in late 2019 and continued until at least 2022.
According to documents provided by the analyst, Chinese cyber spies subjected the office of Kenya’s president, its defence, information, health, land and interior ministries, its counter-terrorism centre and other institutions to persistent and prolonged hacking activity.
The affected government departments did not respond to requests for comment, declined to be interviewed or were unreachable.
By 2021, global economic fallout from the COVID-19 pandemic had already helped push one major Chinese borrower – Zambia – to default on its external debt. Kenya managed to secure a temporary debt repayment moratorium from China.
In early July 2021, the cybersecurity research reports shared by the intelligence analyst in the region detailed how the hackers secretly accessed an email server used by Kenya’s National Intelligence Service (NIS).
Reuters was able to confirm that the victim’s IP address belonged to the NIS. The incident was also covered in a report from the private defence contractor reviewed by Reuters.
Reuters could not determine what information was taken during the hacks or conclusively establish the motive for the attacks. But the defence contractor’s report said the NIS breach was possibly aimed at gleaning information on how Kenya planned to manage its debt payments.
“Kenya is currently feeling the pressure of these debt burdens…as many of the projects financed by Chinese loans are not generating enough income to pay for themselves yet,” the report stated.
A Reuters review of internet logs delineating the Chinese digital espionage activity showed that a server controlled by the Chinese hackers also accessed a shared Kenyan government webmail service more recently from December 2022 until February this year.
Chinese officials declined to comment on this recent breach, and the Kenyan authorities did not respond to a question about it.
‘BACKDOOR DIPLOMACY’
The defence contractor, pointing to identical tools and techniques used in other hacking campaigns, identified a Chinese state-linked hacking team as having carried out the attack on Kenya’s intelligence agency.
The group is known as “BackdoorDiplomacy” in the cybersecurity research community, because of its record of trying to further the objectives of Chinese diplomatic strategy.
According to Slovakia-based cybersecurity firm ESET, BackdoorDiplomacy re-uses malicious software against its victims to gain access to their networks, making it possible to track their activities.
Provided by Reuters with the IP address of the NIS hackers, Palo Alto Networks, a U.S. cybersecurity firm that tracks BackdoorDiplomacy’s activities, confirmed that it belongs to the group, adding that its prior analysis shows the group is sponsored by the Chinese state.
Cybersecurity researchers have documented BackdoorDiplomacy hacks targeting governments and institutions in a number of countries in Asia and Europe.
Incursions into the Middle East and Africa appear less common, making the focus and scale of its hacking activities in Kenya particularly noteworthy, the defence contractor’s report said.
“This angle is clearly a priority for the group.”
China’s embassy in Britain rejected any involvement in the Kenya hackings, and did not directly address questions about the government’s relationship with BackdoorDiplomacy.
“China is a main victim of cyber theft and attacks and a staunch defender of cybersecurity,” a spokesperson said.
Reporting by Aaron Ross in Nairobi, James Pearson in London and Christopher Bing in Washington
Additional reporting by Eduardo Baptista in Beijing
Editing by Chris Sanders and Joe Bavier
West & Central Africa correspondent investigating human rights abuses, conflict and corruption as well as regional commodities production, epidemic diseases and the environment, previously based in Kinshasa, Abidjan and Cairo.
Reports on hacks, leaks and digital espionage in Europe. Ten years at Reuters with previous postings in Hanoi as Bureau Chief and Seoul as Korea Correspondent. Author of ‘North Korea Confidential’, a book about daily life in North Korea. Contact: 447927347451
Award-winning reporter covering the intersection between technology and national security with a focus on how the evolving cybersecurity landscape affects government and business.
WASHINGTON, Oct 22 (Reuters) – U.S. President Joe Biden does not have any new deadlines as the administration continues to negotiate with Democratic lawmakers on the framework of a massive spending bill aimed at social programs and tackling climate change, White House press secretary Jen Psaki said on Friday.
Register now for FREE unlimited access to Reuters.com
/cloudfront-us-east-2.images.arcpublishing.com/reuters/5BG4CNQIKZOOBCTGMWF3RHHMEE.jpg)
/cloudfront-us-east-2.images.arcpublishing.com/reuters/EXKKFK7XDBJ63KQSUZF7C7NJB4.jpg)
/cloudfront-us-east-2.images.arcpublishing.com/reuters/NXER7CFACBM3ZN54QKDOZPRNOA.jpg)