Cyberattack paralyzed Danish Railways for hours

A third-party IT service provider shutting down its servers resulted in a complete standstill on Denmark’s railways.

Denmark’s largest train operator, the state-owned railway carrier DSB, saw its trains clogging up the railroads for several hours after an IT service provider suffered from a cyberattack.

According to local media reports, the standstill was a result of an attack on Danish enterprise asset management solutions provider Supeo. The company developed software called the Digital Backpack 2 that delivers operationally critical information to DSB’s drivers.

After Supeo suffered from a cyberattack, the company turned off its servers, shutting down the Digital Backpack. Without access to the software, train drivers are virtually left blind since critical information, such as speed limits and railroad maintenance, is delivered via the Supeo app.

“It hasn’t targeted infrastructure or DSB, it was economic crime,” DSB’s chief of security, Carsten Dam Sonderbo-Jacobsen, told Reuters, adding that it was not clear who was behind the attack, but that investigations were ongoing.

Last August, the US convenience store chain 7-Eleven had to shut down in Denmark after a cyberattack disabled checkout and payment systems all over the country.

The group, which runs over 170 stores in Denmark, announced that it couldn’t use cash registers and accept payments, suspecting a cyberattack as the primary cause of the disruption.

It’s not the first time this year that IT system glitches and cyberattacks have impacted railway operators in Europe. Polish passenger train operator PKP suffered traffic disruptions over a glitch in the traffic control system in March.

Meanwhile, Italian railway company Ferrovie dello Stato announced the temporary closure of ticket booths and disruption of certain services following a cyberattack.