The Danish state rail operator DSB was hit by a massive DDoS cyber attack that paralyzed some operations, including ticketing systems and the communication infrastructure.

The Danish state rail operator DSB was hit by an unprecedented DDoS cyber attack, the attack was confirmed on Monday by the company and reported by The Local media outlet.

The attack was launched on Sunday and paralyzed the ticketing system and prevented passengers across the country from buying tickets.

“Tickets purchases via the company’s app, ticket machines, website and in 7-Eleven stores were all out of action due to the issue on Sunday.” reported The Local.

“Passengers with Rejsekort travel cards were able to use that system, while others purchased tickets from ticket inspectors on board trains.”

The state rail operator DSB restored normal operations on Monday morning

The company experts confirmed the attack from an external source with the specific intent to destroy the operations at the state rail operator DSB. The hackers took offline also internal mail system and the telephone infrastructure. The only way to communicate with the customers was represented by social media.

Der er i øjeblikket tekniske problemer med https://t.co/T7y8wTjyW7, salgskanaler, trafikinfo samt vores telefonlinjer. Vi arbejder på at løse fejlen.

— DSB (@omDSB) May 13, 2018

Vi er blevet gjort opmærksomme på, at andre fortsat oplever fejl, når de forsøger at komme på https://t.co/T7y8wTjyW7.

Det er blevet fejlmeldt og vi arbejder på sagen. https://t.co/oJKwvGVkBP

— DSB (@omDSB) May 14, 2018

The train safety was not compromised by hackers, assured the deputy director.

“Our technicians and IT contractors have analysed this closely during the night and have concluded this is an outside attack in which someone has attempted to bring our system down,” DSB vice-director Aske Wieth-Knudsen said.

“”We have previously been subjected to an attack and, of course, we have made some processes to avoid this. The type of attack we saw yesterday is a new way of doing it, as we have not seen before. So it needs to be analyzed a bit closer, exactly what has happened so we can prevent it from repeating, says Aske Wieth-Knudsen.” Wieth-Knudsen told DR.

The company is investigating the issue along with Danish authorities and are monitoring the situation to prevent further attacks.

“At this moment in time I have not yet been in contact with anyone. We are still clarifying some messages, since the attack was only resolved during the night,” he told Ritzau.

“Now the day has started we will naturally contact relevant bodies,” he added.

Aske Wieth-Knudsen from DSB confirmed that the company has not been paid any kind of ransom in connection with the cyber assault.

Pierluigi Paganini

(Security Affairs – state rail operator DSB, DDoS)

[adrotate banner=”5″]

[adrotate banner=”13″]