Tel Aviv train station hit by cyberattack with fake missile alerts
Cyberattack affects platform advertising screens; national cybersecurity authorities investigate.
A cyberattack targeted advertising signs in the passenger halls at Herzliya Station and Shalom Train Station in Tel Aviv on Wednesday. It is estimated that Iranian hackers took control of the signs and posted messages claiming that the stations were expected to be attacked by Iranian missiles and instructing the public to evacuate immediately.
Israel Railways clarified that these signs are not connected to the railway infrastructure and are located on platforms as part of a private provider’s advertising and information system. Shortly after the incident, the screens were taken offline. The National Cyber Directorate, in cooperation with Israel Railways, began investigating the source of the malfunction. Railways officials emphasized that the affected screens are part of an external network unrelated to essential railway infrastructure. Therefore, there was no risk to critical systems or the railway's passenger information system (PIS).
Earlier, Iran’s Fars News Agency falsely claimed that Israel’s entire railway system had been hacked and disabled. The agency stated:
"Israel’s railways have been hacked. As a result of a cyberattack, the enemy’s railway system has been disabled. All [Israeli railway] stations are not safe until further notice."
Following the incident, Israel Railways announced on Thursday that, in accordance with Home Front Command guidelines, it is continuing efforts to resume service on travel routes, increase train frequency, and reopen additional stations.
