Ukraine Railway Systems Attacked By Russian Hackers

Uploaded on 2025-03-25 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW

Online train tickets have been unavailable in Ukraine due to a sophisticated cyber hack, which the Ukrainian Ministry of Justice says Russia is behind this attack. Ukraine’s national railway company Ukrzaliznytsia, confirmed in a statement that the cyber attack had taken place on March 24.

The company said this attack was “very systematic, complex, and multi-level”. It took down its online portal, rendering the sale of tickets online impossible at least until March 25. So far, back-up protocols are keeping trains running 

Ukrzaliznytsia’s infrastructure is frequently targeted by Russian drones and missiles and cyber attacks. 
Following the latest attack, the rail company doubled the number of ticket windows and staff at several stations, including Kyiv, to accommodate passengers. Users were advised to purchase domestic and international paper tickets through those ticket offices operating with more staff. Passengers aiming to travel after March 25th have been advised to refrain from visiting ticket offices to avoid queues and to allow those with imminent departures to be served.

Ukrzaliznytsia stated that its experts are working closely with the Cyber Department of the Security Service of Ukraine (SBU) and the Ukrainian Computer Emergency Response Team (CERT-UA) to restore all disrupted services. “As Ukrzaliznytsia has been the target of cyber-attacks in the past, the company has implemented backup protocols,” the company added.

“The key thing is that the enemy was not able to disrupt the train schedule: trains are running stably, on schedule, and without delays, and all operational processes have been adjusted to a backup mode. The railway continues to operate despite physical attacks on infrastructure and will not be stopped by even the most malicious cyber-attacks.”

A complete restoration of user-facing online services will only be possible once the railway company and its partners have tested services for potential vulnerabilities.

With many Ukrainian airports shut down and air traffic suspended due to the Russian invasion, Ukraine's railways remain a vital lifeline for the country's economy. 

Kyiv Indepndent   |  Pravda   |  Railtech  |   Bleeping Computer  |   Infosecurity Magazine   |   The Record     

Image: @Ukrzaliznytsia

You Might Also Read: 

Poland’s Train Network Disrupted:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Sign up for our FREE Weekly Newsletter
Combatting Rising AI Attacks With AI-Powered Defences  »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Continuity Shop

Continuity Shop

Continuity Shop provides training and consultancy in Business Continuity and Information Security to some of the world's biggest organisations.

LogmeOnce

LogmeOnce

LogmeOnce provides users with solution to multiple Password problems, Single Sign-On (SSO), and Identity Management.

Idemia

Idemia

Idemia is a global leader in security and identity solutions.

Nexus Group

Nexus Group

Nexus Group develops identity solutions for physical and digital access.

TokenOne

TokenOne

TokenOne is a Cyber Security software company that makes it easy to replace passwords, tokens and other forms of authentication with a more secure solution.

VU Security

VU Security

VU is a specialist in Cybersecurity software development with a focus on the prevention of fraud and identity theft.

Infosistem

Infosistem

Infosistem is a Croatian ICT company with extensive expertise and experience in enterprise and SMB ICT projects and solutions.

Center for Cyber & Homeland Security (CCHS)

Center for Cyber & Homeland Security (CCHS)

The Center for Cyber and Homeland Security at Auburn University is a nonpartisan think tank that works to develop innovative strategies to address current and future threats to the United States.

Cyber NYC

Cyber NYC

Cyber NYC is a suite of strategic investments to grow New York City’s cybersecurity workforce, help companies drive innovation, and build networks and community spaces.

Greylock Partners

Greylock Partners

Greylock Partners is a leading venture capital firm based in Silicon Valley. We invest in all sectors of enterprise software technology including applications, cloud/SaaS, networking and security.

ShorePoint

ShorePoint

ShorePoint is an elite cybersecurity firm dedicated to improving the cyber resilience of Federal agencies and their missions.

Responsible Cyber

Responsible Cyber

Protect yourself with Responsible Cyber’s 360° platform, IMMUNE, arming you with comprehensive support for your business.

ValueMentor

ValueMentor

ValueMentor is a leading cyber security service provider in the Middle East. We enable clients to reduce risk by taking a strategic approach to cybersecurity.

Cyber Security Works (CSW)

Cyber Security Works (CSW)

Cyber Security Works is your organization’s early cybersecurity warning system to help prevent attacks before they happen.

Jersey Cyber Security Centre (JCSC)

Jersey Cyber Security Centre (JCSC)

Jersey Cyber Security Centre is the jurisdiction's Cyber Emergency Response Team (CERT) and national technical authority for cyber security.

RELIANOID

RELIANOID

RELIANOID is an application delivery controller and load balancing system that ensures high performance and security of IT services on a massive scale.