A Cyberattack Hits Ukraine's National Railway Operator Ukrzaliznytsia

A devastating cyberattack has brought Ukraine's national railway operator, Ukrzaliznytsia, to its knees. The attack on the company's online systems disrupted ticketing services, causing long lines at Kyiv's station and leaving passengers frustrated.

The incident was first reported by The Record Media, which revealed that the cyberattack had left Ukrzaliznytsia's customers unable to purchase tickets online. With no alternative, people were forced to wait in line to buy physical tickets, leading to overcrowding and lengthy delays. However, it's worth noting that the attack did not impact train operations.

Ukrzaliznytsia has confirmed that the attack was a "large-scale targeted cyberattack" that affected all of its online systems. The company has been working tirelessly to restore the affected systems, with the help of the Cyber Department of the Security Service of Ukraine. According to a statement published by Ukrzaliznytsia, "The key objective of the enemy was not achieved: train movement is stable, running on time without delays, and all operational processes are running in backup mode."

Despite the efforts to restore services, online ticketing remains down, with passengers expressing frustration at being unable to buy tickets easily. The company has apologized for the inconvenience and assured customers that it is strengthening morning shifts of ticket offices at the stations with additional employees.

The attack highlights the critical importance of Ukrzaliznytsia in Ukraine's transportation network. With airports closed due to the ongoing war, rail transport plays a vital role in moving people, delivering aid, and exporting goods. This underscores the need for Ukraine to protect its critical infrastructure from cyber threats.

It's worth noting that this is not the first time that Ukrzaliznytsia has been targeted by a cyberattack. In the past, the company has implemented backup protocols to mitigate such attacks. However, the latest attack was described as "highly systematic, non-trivial, and multi-layered," making it even more challenging for the company to restore services.

The authorities have declined to attribute the attack to a specific threat actor, but past cyberattacks on Ukraine's critical infrastructure have been linked to Russian nation-state actors. The investigation is ongoing, with Ukrzaliznytsia specialists, partners, and other organizations working together to thoroughly test services for potential vulnerabilities.

As the situation continues to unfold, travelers at Kyiv's railway station are left waiting in long lines to buy tickets offline. The railway's app remains down, leaving passengers without an easy alternative. We will continue to monitor the situation and provide updates as more information becomes available.