Ukraine Blames Russia for Railway Hack, Labels It “Act of Terrorism”


The recent cyber-attack that disrupted Ukraine’s railway systems was conducted by Russian-backed hackers, according to the Ukrainian government.

The attack occurred on March 24 and took down the online ticketing system of Ukrzaliznytsia, Ukraine’s state-owned railway company.

Yevheniia Nakonechna, Head of the State Cyber Protection Centre of the State Service of Special Communications and Information Protection of Ukraine (SSSCIP), gave a press briefing on the restoration of Ukrzaliznytsia’s services on April 1.

She relayed the conclusions of the Government Computer Emergency Response Team of Ukraine (CERT-UA), whose investigation found that the attack employed tactics, techniques and procedures (TTPs) “characteristic of Russian intelligence services.”

Furthermore, the cybercriminals utilized unique malware designed “with the attacked infrastructure’s specifics in mind.” Suggesting that the execution of such a cyber-attack required significant resources for preparation.

Ukraine: A Cyber-Attack on Critical Infrastructure is “An Act of Terrorism”

Nakonechna called the cyber-attack “an act of terrorism.”

“Disrupting the ticket sales system significantly impacted public services. The enemy clearly understands that these types of cyber-attacks are extremely painful and critical,” she said.

Oleksandr Pertsovskyi, Chairman of the Board of Ukrzaliznytsia, said that the website for purchasing tickets and the mobile application are now fully operational.

“The cyber-attack on the company was targeted and meticulously planned. However, not a single Ukrzaliznytsia train was halted for even a moment. This was due to well-prepared algorithms and procedures,” he added.

He also emphasized that there had been no data breaches of personal information.

Several Ukrainian government agencies assisted Ukrzaliznytsia in investigating and remedying the attack, as well as restoring systems, including CERT-UA, the SSSCIP’s State Cyber Protection Center and the Cybersecurity Department of the Security Service of Ukraine (SBU).

Andrii Bratus, Deputy Minister of Communities and Territories Development of Ukraine for Digital Development, Digital Transformations and Digitalization, noted that the experience gained from this attack would be used to strengthen cybersecurity for critical infrastructure.



Source link

Leave a Comment