Train Operations in Denmark Disrupted by Cyberattack

Over the past weekend, the operations of Denmark’s state-owned railway company (DSB) were paralyzed for several hours due to a hacker attack on a third-party IT service provider, Supeo.

According to Danish broadcaster DR, all trains of the country’s largest railway company came to a halt early in the morning on November 5, 2022. Service was only restored by 1:00 PM, and even then, trains could not run according to the regular schedule.

Critical IT System Targeted

The disruption was caused by issues with a critical safety-related IT system called Den Digitale Rygsæk 2, developed by Supeo. Supeo provides corporate solutions for railways, transport infrastructure operators, and passenger transport management.

Media reports indicate that train operations were affected because Supeo had to shut down its servers following the cyberattack. This led to the failure of some software used by train drivers. Specifically, Supeo supplies DSB with a mobile app that drivers use to access important operational information, including speed limits and details about railway maintenance. When the contractor decided to turn off its servers, the app stopped working, forcing train drivers to halt their trains.

Possible Ransomware Attack

Reuters reports that Supeo may have been targeted by a ransomware attack, although the company has not provided any details and only stated that it was an “economic crime” (apparently financially motivated). It is emphasized that the attack was not specifically aimed at DSB.