DDoS attacks on two separate days have brought down several IT systems employed by Sweden’s transport agencies, causing train delays in some cases.
The incidents took place early in the mornings of Wednesday and Thursday, October 11 and 12, this week.
The first attack hit the Sweden Transport Administration (Trafikverket) on Wednesday. According to local press, the attack brought down the IT system that manages train orders. The agency had to stop or delay trains for the time of the attack.
Trafikverket’s email system and website also went down, exacerbating the issue and preventing travelers from making reservations or getting updates on the delays. The agency used Facebook to manage the crisis and keep travelers informed.
Road traffic maps were also affected, an issue that lingers even today, at the time of publishing, according to the agency’s website.
Three Swedish transportation agencies targeted
Speaking to local media, Trafikverket officials said the attack was cleverly aimed at TDC and DGC, the agency’s two service providers, but they were both aimed in such a way to affect the agency’s services.
Trafikverket was able to restore service in a few hours, but the delays affected the entire day’s train operations.
While initially, some might have thought this was a random incident, the next day, a similar DDoS attack hit the website of another government agency, the Sweden Transport Agency (Transportstyrelsen), and public transport operator Västtrafik, who provides train, bus, ferry, and tram transport for parts of Western Sweden.
In perspective, both incidents give the impression of someone probing various parts of Sweden’s transportation system to see how the country would react in the face of a cyber-attack and downtime.
The DDoS attacks come a week after a report that Russia was testing cyber-weapons in the Baltic Sea region.
In April 2016, Swedish officials blamed Russia for carrying out cyber-attacks on the country’s air traffic control infrastructure that grounded flights for a day in November 2015.