The Attack on Danish Railways – Lessons Learned
Earlier this month, Reuters reported that a Danish train standstill on Saturday could be caused by a cyber attack. Today we’re looking further into the incident.
The Attack on DSB – What Happened?
A Danish train operator DSB (Danske Statsbaner – Danish State Railways) is said to be one of the largest train operators across Scandinavia. According to them, their head of security said that they were contacted by one of their subcontractors who told them that some of their environment has been compromised by hackers.
The attack is said not to be a direct attack on Danish Railways, however, as the attack has allegedly targeted their subcontractor Supeo, it has been forced to shut down its servers – the ability to drive trains has been disrupted as a result.
Supeo allegedly provides an application that helps navigate the trains and helps conductors realize where they need to go. According to a Danish broadcaster DR, it’s alleged that the attack wasn’t targeted at Danish State Railways itself – rather, their head of security stated that “it was economic crime” leading some to believe that the attack was tied to ransomware.
It’s still not clear exactly who was behind the attack since some news sources say that no one claimed responsibility for the attack as of yet – an investigation into the crime, however, was ongoing at the time news hit the press.
Danish State Railways is, unfortunately, not the first nor the last railway company to have suffered a data breach – back in March of this year, an attack on Italy’s state railway systems disrupted ticket sales too. According to reports by Reuters, an Italian railway company called Ferrovie dello Stato has stated that elements that “could be linked to a cryptolocker infection” have been detected on their computer networks. In that case, railways were not affected, however, the company had to halt in-person ticket sales for a while. Even while online ticket sales were supposedly functioning as normal, we could assume that there were some confusion between the customers of the company.
Similar attacks are reported to have happened in Poland as well – back in March, Polish authorities stated that a traffic control system “outage” has affected Polish railways as well. The outage is said to be pretty huge – it allegedly affected more than half of the entire railway traffic in Poland and it is alleged to have taken place due to a flaw in the code of the software – it’s not clear whether the flaw was security-related or not.
We have just walked you through three attacks that happened on railway systems a while ago – and while nobody is sure exactly who is behind those attacks, one thing is for certain: while none of the aforementioned attacks put human lives in danger, they disrupted operations and those operations cost companies and individuals both time and money. The railway operators, of course, have had time to recover from the attacks and think about how better to protect their systems in the future, but that’s not always the case – especially not when the amount of cyberattacks are mounting up every day.
That’s why it’s so important to protect yourself and your loved ones from data breaches by employing the power of data breach search engines – the data breach search engine provided by BreachDirectory can help secure both individuals and companies by providing them with a powerful data breach search engine that helps them assess their likelihood of being exposed in a data breach – the BreachDirectory API capability, on the other hand, will help companies implement the data existing in the BreachDirectory data breach search engine and protect their employees and contractors by providing companies with valuable information that helps companies act and implement data breach data into log in, shopping or other procedures to alert their clients of a possible data breach. In other words, BreachDirectory is a frequent partner in conducting OSINT operations and performing cyber security-related research. Give it a try today!
Attacks on railway systems aren’t a frequent occurrence – however, as you might’ve noticed, they aren’t something that’s out of the ordinary either. The cyber attacks targeting railway systems frequently start with ransomware and lock their systems out – that provides railways with a whole bunch of issues as they can no longer function correctly. We hope that this blog has provided you with some interesting information on that front, and we’ll see you in the next one!