According to Danish rail operator DSB, a hostile hacker attack on a software testing environment used by an IT provider was the cause of a significant failure of Denmark’s train network over the weekend.
Railways have frequently been targeted by threat actors, with recent victims including Belarus, Italy, the UK, Israel, and Iran. Researchers have demonstrated that hacker cyberattacks are possible on contemporary railway systems, however these most recent attacks focused on websites, tickets, and other IT systems rather than control systems.
On Saturday, all trains run by DSB, the biggest railway operating business in the Denmark, came to a stop and were unable to move again for several hours. Actually, it was the outcome of a security incident at Supeo, a Danish business that offers enterprise asset management solutions to railroads, operators of transportation infrastructure, and public passenger agencies. Supeo chose to take down its systems as a result of the ransomware incident, which led to the interruption of trains. Consequently, train drivers’ software stopped functioning.
Train drivers normally obtain vital operational data, such as speed restrictions and details on railroad maintenance, using a smartphone application that Supeo offers.
The program ceased to function when the provider opted to shut down its servers, forcing drivers to stop their trains.
Carsten Dam Sonderbo-Jacobsen, DSB’s chief of security, informed DR that “we were approached by our vendor who notified us that their testing environment had been hacked by criminal hackers.”
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.