Ukraine Railway Systems Attacked By Russian Hackers

Online train tickets have been unavailable in Ukraine due to a sophisticated cyber hack, which the Ukrainian Ministry of Justice says Russia is behind this attack. Ukraine’s national railway company Ukrzaliznytsia, confirmed in a statement that the cyber attack had taken place on March 24.

The company said this attack was “very systematic, complex, and multi-level”. It took down its online portal, rendering the sale of tickets online impossible at least until March 25. So far, back-up protocols are keeping trains running 

Ukrzaliznytsia’s infrastructure is frequently targeted by Russian drones and missiles and cyber attacks. 
Following the latest attack, the rail company doubled the number of ticket windows and staff at several stations, including Kyiv, to accommodate passengers. Users were advised to purchase domestic and international paper tickets through those ticket offices operating with more staff. Passengers aiming to travel after March 25th have been advised to refrain from visiting ticket offices to avoid queues and to allow those with imminent departures to be served.

Ukrzaliznytsia stated that its experts are working closely with the Cyber Department of the Security Service of Ukraine (SBU) and the Ukrainian Computer Emergency Response Team (CERT-UA) to restore all disrupted services. “As Ukrzaliznytsia has been the target of cyber-attacks in the past, the company has implemented backup protocols,” the company added.

“The key thing is that the enemy was not able to disrupt the train schedule: trains are running stably, on schedule, and without delays, and all operational processes have been adjusted to a backup mode. The railway continues to operate despite physical attacks on infrastructure and will not be stopped by even the most malicious cyber-attacks.”

A complete restoration of user-facing online services will only be possible once the railway company and its partners have tested services for potential vulnerabilities.

With many Ukrainian airports shut down and air traffic suspended due to the Russian invasion, Ukraine's railways remain a vital lifeline for the country's economy. 

Kyiv Indepndent   |  Pravda   |  Railtech  |   Bleeping Computer  |   Infosecurity Magazine   |   The Record     

Image: @Ukrzaliznytsia

You Might Also Read: 

Poland’s Train Network Disrupted:


If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Sign up for our FREE Weekly Newsletter
Combatting Rising AI Attacks With AI-Powered Defences  »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cloudera

Cloudera

Cloudera provide the world’s fastest, easiest, and most secure data platform built on Hadoop.

Adeptis Group

Adeptis Group

Adeptis are experts in cyber security recruitment, providing bespoke staffing solutions to safeguard your organisation against ever-changing cyber threats.

TEISS

TEISS

Teiss.co.uk is a website dedicated to providing information about cyber security. TEISS also provide a series of conferences and events focused on cyber security.

National Cybersecurity Hub - South Africa

National Cybersecurity Hub - South Africa

The mission of the National Cybersecurity Hub is to be the central point of collaboration for cybersecurity incidents in South Africa.

Pryv

Pryv

Pryv is a Swissmade software for privacy, personal data collection, usage, sharing and storage.

TriagingX

TriagingX

TriagingX successfully created the first generation malware sandbox that is being used by many Fortune 500 companies for daily malware analysis.

Packetlabs

Packetlabs

Packetlabs specializes in penetration testing services and application security.

ProCheckUp

ProCheckUp

ProCheckUp is a London-based independent provider of cyber security services, including IT Security, Assurance, Compliance and Incident Response.

Open Source Security Foundation (OpenSSF)

Open Source Security Foundation (OpenSSF)

OpenSSF is committed to collaboration and working both upstream and with existing communities to advance open source security for all.

Cyber Legion

Cyber Legion

Cyber Legion Ltd is a UK-based Cyber Security as a Service (CSaaS) start-up that provides IT security testing services to various organizations around the globe.

Allurity

Allurity

Allurity is a group of tech-enabled cybersecurity service providers, comprised of best-in-class experts with a common mission to enable a safe digital world.

Data Pie Cybersecurity

Data Pie Cybersecurity

The Data Pie Cybersecurity Consulting offers a 360° around protection for your IT security. Security awareness solutions and consulting.

Phylum

Phylum

Phylum provides powerful, automated software supply chain risk analysis that protects organizations, defends developers and enables secure innovation.

MergeBase

MergeBase

Reduce software supply chain risk with MergeBase proven Software Composition Analysis (SCA).

LT Harper

LT Harper

LT Harper specialise in cyber security recruitment. We believe in providing an individualised service to our customers whether they are looking for a new opportunity or to hire talent.

HardTarget

HardTarget

HardTarget is a cutting-edge cyber training company serving HWN (High-Net-Worth) Families and their trusted Advisors.