Ukraine’s national railway company, Ukrzaliznytsia, said on Wednesday that it had only been able to restore around 50% of its IT services after a massive cyberattack that hit in late March.
The disruption was initially reported on March 23 after the company notified travelers of a breakdown in its system and encouraged people to buy tickets in person or on board trains directly. Later, Ukrzaliznytsia announced that its web platforms had been hit by an advanced and targeted cyberattack.
Based on Ukrainian security sources, the attack has the markings of Russian involvement. A security official and government insider, both quoted anonymously, intimated that the dimensions and character of the incident make it probable that it was orchestrated by Russia. Since the February 2022 full-scale invasion, Russia has been occupying about 20% of Ukraine, with cyberwarfare being a staple of the conflict.
Deputy head of commercial department of Ukrzaliznytsia Valeriy Tkachev said that complete recovery of all IT services would take another “one or two weeks.” The firm confirmed, however, that online ticket sales were restored to an online presence by the end of March, at least providing some semblance of normalcy to passengers.
Ukrzaliznytsia, Ukraine’s biggest freight and passenger carrier, is key to the country’s logistics and war resilience. The recent cyber disruptions highlight the exposure of national infrastructure to cyber threats in the context of geopolitical tensions.
This is the most recent in a series of cyberattacks against Ukrainian institutions, adding further fuel to worries regarding the nation’s digital defense mechanisms and the broader cyber battlefield in the current war with Russia. While the railway company seeks to regain complete functionality, cybersecurity efforts throughout the country are kept at heightened alert.
