Russian state-owned railway company RZD suffered a major cyberattack that left its website and mobile app inaccessible for several hours. The attack, claimed by the Ukrainian hacktivist group IT Army, disrupted ticket purchasing, forcing passengers to buy tickets only at railway stations.
Although the claims made by IT Army have not been verified, RZD confirmed the attack and stated that its services were restored, albeit with some online services remaining unavailable due to ongoing attacks.
This incident marks the second cyberattack on RZD since the conflict in Ukraine began. In a previous attack last February, RZD’s website and mobile app also experienced disruptions due to intense distributed denial-of-service (DDoS) attacks, which overwhelm a targeted site with excessive traffic, rendering it inaccessible.
In response, RZD increased the number of ticket offices at railway stations to accommodate passengers who were unable to purchase tickets online. Cyberattacks targeting railway systems have the potential to significantly disrupt a country’s logistics and transportation networks.
Last year, the Belarusian state railway suffered a cyberattack that crippled its network, allegedly hindering the transfer of Russian troops into Belarus for military exercises. The hacktivist group Cyber Partisans claimed responsibility for the attack, stating that they compromised the railway system’s routing and switching devices, rendering them inoperable by encrypting the stored data.
The latest cyberattack on RZD highlights the vulnerability of critical infrastructure systems to malicious actors. Such attacks can cause major disruptions and financial losses.
As the threat landscape evolves, it is crucial for organizations and government entities to enhance their cybersecurity measures to protect against cyber threats targeting vital sectors like transportation and logistics.