Swedish transport authorities were hit by cyber attacks on Wednesday and Thursday, October 11 and 12. The attacks have brought down several IT systems causing delays of the train transportation.
The first attack hit the Sweden Transport Administration (Trafikverket) on Wednesday and paralyzed the IT system that manages train orders triggering the agency in stopping or delaying trains while hackers were powering the attack.
Local media reported the Trafikverket email system and website went down, preventing travelers from making reservations or getting information about the delays.
The agency used Facebook to provide updates on the situation to the travelers.
“The Swedish Transport Administration suffered during the night against Wednesday and during Wednesday morning of major IT disturbances that made the site down, which meant that travelers could not get information about the delays that occurred.” reported the Swedish public broadcaster SVT.
“- Several systems were affected by IT interference, including our drive system that shows where the trains are located. Most systems are running now, but the problems are not completely solved, continuing delays are waiting, says Pär Aronsson, Press Communications Officer at the Swedish Transport Administration.”
Trafikverket officials confirmed the DDoS attack was aimed at the agency’s service providers TDC and DGC with the intent to affect the agency’s operations.
Trafikverket was able to restore service in a few hours, but the delays affected the entire day’s train operations.
“Public transport operators Västtrafik in western Sweden were also hit by two similar overload attacks on Thursday, briefly crashing its ticket booking app and online travel planner.” reported The Local website.
“It could be a prank or someone trying to investigate what kind of protection Trafikverket has,” Patrik Gylesjö, deputy CEO of internet provider DGC told Computer Sweden.
Crooks or State-sponsored attacks?
It is difficult to attribute the attacks to specific actors with the information available, experts speculate the involvement of a nation-state attacker who was probing Sweden’s transportation infrastructure.
Someone noticed that the DDoS attacks hit Swedish transport agencies a week after the Russia conducted the Zapad drills that according to intelligence experts were conducted by Russia to test its cyber capabilities and simulate an attack on all Baltic countries, including the use of cyber weapons.