Three hackers in Poland were hired to fix the software of a broken train, and they were successful, but now the train company, Newag, is threatening to sue them, according to Polish outlet Rynek Kolejowy. The hackers allege that the trains were deliberately outfitted with software that would ensure they couldn’t operate if they were repaired by an independent company.
“Today we are sure that it was a deliberate action on Newag’s part,” said Michał Kowalczyk, part of the Polish hacking group Dragon Sector, last week. “We discovered the manufacturer’s interference in the software, which led to forced failures and to the fact that the trains did not start.”
“Bricking” is common for tech companies—Australia sued Apple in 2017 for bricking iPhones repaired by third parties—but it’s much rarer to hear about bricking a train. The train manufacturer in question, Newag, is one of the oldest railway companies in Poland, and they are not taking this fiasco lightly. “This is slander from our competition, which is conducting an illegal black PR campaign against us,” said Newag in a statement to the Polish publication.
The train company also demanded the repaired trains be removed from service immediately because they had been “hacked” and therefore might now be unsafe, which cannot be substantiated, according to 404 Media.
Companies will often brick a product for being repaired by a third party to maintain an ongoing revenue stream on their products—be it through doing repairs themselves or insisting on a replacement. Newag trains are run by independent operators, and many have been having mysterious failures since this summer impacting service for customers, according to Rynek Kolejowy.
In a last-ditch effort to fix the numerous trains that wouldn’t start, a repair company Google searched “Polish Hacker” and Dragon Sector came up. The Polish hackers were ultimately able to fix the trains. Newag says they will “file appropriate lawsuits against the ‘alleged hackers’,” as well as the repair company that hired them.
“All of this is OEM(Original Equipment Manufacturer) bullshit,” said Gay Gordon-Byrne, a leader of a right-to-repair advocacy group to 404 Media. Gordon-Byrne says this is enabled by DRM, or Digital Rights Management, which is often used by manufacturers to ensure customers have to go back to the source to repair their products. “It’s DRM gone wild.”