A recent cyber-attack caused the trains operated by Denmark’s largest train service DSB to come to a halt. Threat actors hit a third-party IT service provider associated with DBS, which slammed the brakes on. The cyber-attack hit the Danish company Supeo, an IT service that provides enterprise asset management solutions to railway companies, transportation infrastructure operators and public passenger authorities. DSB is the largest train operating company in Denmark.[1]
“Trains throughout the country stopped in the morning and only started running again at 1pm, while DSB expects that regional and long- distance trains will not run fully according to the timetable again tomorrow.” reported the local Danish media outlet DR. “DSB informs DR Nyheder that the paralysis of train traffic is due to an error in the safety-critical IT system ‘Den Digitale Rygsæk 2′.”
The cyber-attack impacted the Digital Backpack 2 platform, that is provided by Supeo, which allows train drivers to access operationally critical information using an iPhone or iPad. It is theorized that the threat actor targeted operational technology (OT) systems to disrupt operations.
Experts speculate that Supeo may have suffered a ransomware attack, the company told Reuters that the attackers are financially motivated. “We were contacted by our subcontractor who told us that their testing environment had been compromised by criminal hackers,” DSB’s chief of security officer told public broadcaster DR. “It hasn’t targeted infrastructure or DSB, it was economic crime,” he told Reuters.
Supeo is not commenting on the incident.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www. redskyalliance. org/
- Website: https://www. wapacklabs. com/
- LinkedIn: https://www. linkedin. com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5504229295967742989
[1] https://securityaffairs.co/wordpress/138127/cyber-crime/cyberattack-blocked-trains-denmark.html
Comments