Railways under hacker attack, what happened
Cyber attack on Railways, some Trenitalia and RFI systems affected. Ticket sales have been blocked both in physical ticket offices and in self-service stations in stations, while online sales are in operation. The collaboration of FS with Ibm
Hacker attack against Ferrovie dello Stato turns off all Trenitalia ticket offices on the national territory.
“From this morning on the computer network of Trenitalia and RFI, elements have been found that could lead to phenomena related to a cryptolocker infection. Verification activities on the network are in progress. As a precaution, some users of Trenitalia's physical sales systems have been deactivated ”. This was communicated by the FS group, reports Repubblica .
But there is more. "It is conceivable that the cyber attack on the railways that blocked some systems of the company is attributable to Russia". Ansa wrote it, reporting qualified sources of Italian security.
According to the Ansa institutional sources, "the type of attack and the modus operandi with which it was carried out would in fact be attributable to Russian hackers". At the beginning of the month, the CSIRT (Computer Security Incident Response Team), a structure established at the National Cybersecurity Agency, had issued an alert for possible cyber attacks in Italy linked to the conflict in Ukraine.
At the moment, checks are underway by the Postal Police and Railways.
In the meantime, the sale of tickets is blocked both in physical ticket offices and in self-service stations in the stations, while online sales are functioning.
All the details.
THE LOCATION OF RAILWAYS
The FS Group announced today that as of this morning on the corporate computer network "elements have been detected that could lead to phenomena linked to a cryptolocker infection: verification activities on the network are underway".
EMPLOYEES ORDERED TO TURN OFF PCS
“The extent of what happened is not yet clear, investigations are underway by the corporate protection structures of the Railways. In the meantime, employees have been ordered to turn off the terminals while waiting for the suspected intrusion into the computer system to be defined and to protect the data contained in the internal network ”, Corriere della Sera reports.
"Then there was a similar case on March 17: the many delays of high-speed trains had made us think of an attack but RFI had denied, excluding the criminal matrix", always remembers the Corriere.
“In that case the question had been“ archived ”by resorting to the typical attribution of the problems that occurred with the adjective“ of a technical nature ”. This time, however, it seems to have a different connotation from the usual inconveniences that are easy to find justification. The situation is probably really critical as internal communications can demonstrate ”, commented Umberto Rapetto, director of Infosec.news.
TURN OFF THE SALES TERMINALS
As a precaution, specified Fs, some users of Trenitalia's physical sales systems have been deactivated. therefore, it is temporarily not possible to purchase travel tickets in the ticket offices and self-service stations in the stations, while online sales are operational. "Even the booking of the services of the Blue Rooms of the Italian railway network may not take place with the usual regularity", added the company, underlining that passengers are allowed to board the train and present themselves to the conductor to purchase the ticket without extra charge. The recorded dysfunctions, the note concludes, do not impact on railway traffic, which proceeds regularly.
IBM SYSTEMS
For its sales services, Ferrovie dello Stato makes use of IBM, the US technology giant.
Trenitalia's sales system is in fact PICO, the Integrated Commercial Platform developed in 2012 in collaboration with Ibm Services. “Ibm developed Pico for Trenitalia using IBM software such as WebSphere, ILOG, DB2, MQ, etc. The solution is hosted in the IBM Data Center in Pero (Milan)”, reads a note .
Finally, in 2019 Ferrovie dello Stato Italiane and Ibm strengthened "their collaboration with a new project that improves the customer experience of travelers through artificial intelligence solutions". “Thanks to the new cloud-based cognitive platform, FS Italiane will be able to provide people with assistance services, twenty-four hours a day, with content and advice based on their habits and preferences” explained the companies.
(article updated at 18.30 on 23 March 2022)
This is a machine translation from Italian language of a post published on Start Magazine at the URL https://www.startmag.it/smartcity/ferrovie-sotto-attacco-hacker-che-cosa-e-successo/ on Wed, 23 Mar 2022 17:46:38 +0000.