Ukrzaliznytsia, Ukraine's national railway operator, has just suffered a massive cyberattack. On Sunday, March 23, 2025, online ticket purchasing services were interrupted and eventually became completely inaccessible. It is no longer possible to purchase a train ticket through the official website or smartphone app.
Faced with this major attack, the Public Joint Stock Company Ukrainian Railways was forced to redirect Ukrainians to the train station ticket offices. They quickly became overcrowded with travelers. Several train stations, including Kyiv, were crowded. Daryna Antoniuk, a journalist on the scene, said the station was "exceptionally crowded Monday morning, with dozens of people waiting in long lines to buy tickets for travel within Ukraine and abroad."
Since the Russian invasion, all air traffic in Ukraine has been suspended. The state-owned company has compensated by transporting millions of passengers and essential cargo.
Ukrzaliznytsia quickly strengthened human resources allocated to ticket offices with "additional employees". Despite the operator's efforts, the queues remained interminable. At the same time, the state-owned company allowed members of the Ukrainian army to purchase tickets on board from the ticket controller. The operator asked those who had already purchased their tickets online to use the PDF copy sent to their email address when booking. The mobile app is unable to display the train ticket, as is usually the case.
The railway is resisting
Ukrzaliznytsia clarifies that "trains are running according to schedule", although "our system is still the target of a massive cyberattack". As the operator explains in Telegram posts, "the enemy's key objective has failed". Indeed, "Rail traffic remains stable, operating as planned without delays, and all operational processes have been put into backup mode.".
The operator says it has been accustomed to cyberattacks for several years. Regularly targeted by hackers, the firm has therefore implemented "backup protocols".
Ukrzaliznytsia explains that it is collaborating with experts from the Cybersecurity Department of the Security Service of Ukraine (SBU) and the government's Computer Emergency Response Team (CERT-UA) to restart the affected systems as quickly as possible.
A Russian cyberattack?
All eyes are obviously on Russia, which has increased cyberattacks against Ukrainian infrastructure since the February 2022 invasion. Ukrzaliznytsia is indeed accusing Russia, between the lines, under the name of "the enemy". Over the past three years, Russian hackers have notably attacked the country's government agencies, the national news agency, and the mobile network. These attacks should contribute to undermining public morale as well as the trust placed in Volodymyr Zelensky's government. Ukraine has taken to counterattacking with the help of its own hackers. It has also paralyzed Russian operators present in Crimea during a large-scale DDoS attack.
Source: TechCrunch
0 Comments