Denmark's Train Network Stalled From Cyberattack on Subcontractor

Colin Thierry
Colin Thierry Writer
Colin Thierry Colin Thierry Writer

Denmark’s train network stalled late last month due to a cyberattack on a subcontractor, which national rail company DSB called an ‘economic’ crime.

DSB is an abbreviation for Danske Statsbaner (Danish State Railways), which is the largest train operator in Denmark and Scandinavia as a whole. The railways only operates passenger trains, while it lets other ones transport goods within the region.

On October 29, the DSB network came to a screeching halt due to a subcontractor’s failing IT network. While the root cause was unknown at first, some reports last week found that the breakdown on that day originated from a cyberattack on Supeo, which is a subcontractor that provides a critical app for train conductors.

With Supeo’s servers down, DSB was forced to stall their trains since conductors could no longer operate the trains safely.

“We were contacted by our subcontractor who told us that their testing environment had been compromised by criminal hackers,” DSB’s chief of security, Carsten Dam Sonderbo-Jacobsen, told Danish reporters.

“It hasn’t targeted infrastructure or DSB, it was economic crime,” he added in a separate exchange with reporters, hinting at a potential ransomware attack.

Supeo specializes in enterprise asset management solutions for the railway industry. It provides safety management tools to allow employees to create notifications regarding security incidents and enables instant communication of safety messages to employees. This includes temporary speed restrictions and maintenance work.

DSB is currently still investigating the security incident. At this moment, none of the high-profile ransomware operators have claimed responsibility for the attack.

“We are of course curious as to what the security breach consists of, but we simply do not know the answer yet,” DSB Head of Information Tony Bispeskov told reporters. “We will of course dive into it.”

“We are of course already in dialogue with the supplier in relation to clarifying what went wrong,” Bispeskov added. “I have been in DSB for 17 years and cannot remember anything like this happening before.”

About the Author

About the Author

Colin Thierry is a former cybersecurity researcher and journalist for SafetyDetectives who has written a wide variety of content for the web over the past 2 years. In his free time, he enjoys spending time outdoors, traveling, watching sports, and playing video games.

Leave a Comment