A distributed denial of service has hit the Sweden transport system, specifically its train network.
This has rendered delays in some areas to access train services, all as a result of automated booking and other services.
The two-day attack left the Sweden Transport Administration, Trafikverket, in a disarray as all the system’s services were at a standstill.
This is as reported by the officials from the transport sector.
First Attack Hits Transport Administration
The attack happened when the system’s train services were in high demand and used by many.
A lot of stranded customers did not understand what was going on as all the services became immediately unavailable.
This is all because the attack on the train system also affected local networks for social platforms like Skype.
Citizens who wholly depend on the train for morning transport were stranded without any means of digital communication.
A DDoS (Distributed Denial of Service) attack is a form of cyber attack on web servers which clogs the entry of legitimate users by blocking their request to log in or enter an online platform or site.
When such an attack takes place, a lot of incoming traffic gets flooded to the system, rendering it useless for a period of time.
There are different types of DDoS attacks which all work differently to slow down or stop a server from being accessed.
One of them is that which works by flooding the web server with the request while the other works by completely crashing a web server.
The first attack that took place on the Sweden Transport Administration’s systems was accomplished by the attackers using two companies by the name TDC and DGC.
These companies are the internet service providers for Trafikverket.
In the initial attack, the system that controls how train operators work was brought down.
This system’s function is to monitor the trains’ movements and stops.
This significantly affected the transport negatively that morning as no formal communication was offered after the attack began.
To make matters worse, the DDoS attack also affected Trafikverket’s email system, thereby bringing down the website and the road traffic maps used.
Leaving the commuters with zero lines of communication from officials.
As a result of the attack, the train operators opted to go back to the manual system of control to avoid inconveniences.
This was done due to a lack of quick recovery from the attack, and to bring a fast solution to commuters.
Simultaneously, the transport’s technical department was also working around the clock to help the system recover from the attack.
Eventually, they were able to do so a few hours later.
Although this initial attack did not last for long hours, a lot was learned.
It showed the level of threat posed by cybercrime to both private and public-sector transport entities in Sweden.
Day Two: A DDoS Attack on Transport Agency
The second Distributed Denial of Service attack was launched on the very next day.
This was directed to the website of the Swedish Transport Agency, Transportstyrelsen.
Transportstyrelsen is a different organ of the Sweden’s transport infrastructure that’s responsible for inspecting and regulating the public transport system.
These two attacks have brought fears to the Swedish government of its vital and critical documents being compromised.
The attacks are feared to leave bugs in the government agency’s websites, which could be used to compromise the same systems in the future.
Moving Forward After the Attack
Measures are being put in place to mitigate cybercrime in all sectors of the Swedish government moving forward.
This is all because hackers are evolving in their provocative way of penetrating into network systems and compromising data.
Bearing in mind that a DDoS attack to any network brings down the vital services offered to the public, there is a risk that such an attack could hit the agency at a time of need when other critical transport organs are in use.
This fear resonates with many citizens. And as most network security experts are warning, an attack of this calamity could be fatal if it happens during a time when manual backups cannot be put in place.
The critical threat posed by DDoS attacks is a major concern among both governments and companies across the globe.
Recent reports have revealed that almost 51 percent of the United Kingdom’s most vital infrastructures are at a risk of a potential DDoS attack.
In Finland last year, a DDoS attack temporarily disabled entire heating systems throughout two residential housing blocks in the middle of winter.
Major companies in the United States have also experienced their fair share of DDoS attacks—last year, for instance, one of the country’s largest domain name system providers experienced a widespread DDoS attack that brought down its systems for a day while the IT department worked to resolve it as fast as possible.
Who Was Behind the Attack in Sweden?
In the case of the recent attack on Sweden’s transport systems, speculations are unanswered as to who was responsible.
The Swedish government has blamed the Russian state for directing the attacks on the transport agency.
Recently, the Russian counterparts have been blamed of being involved in a series of cyber-weapons testing.
These allegations were made near the beginning of October, before the attack in Sweden.
In the past, other organizations and entities in Sweden have experienced several cybercrimes which are speculated to have originated from Russian hackers.
In April 2016, the Swedish government accused Russia for an attack in the country’s air traffic control system systems.
This cyber attack caused a massive amount of flight delays for a whole day back in November 2015.