Italian railways attacked by ransomware: ticket sales stopped

A massive hacker attack paralyzed ticket sales for Italian railways. The breakdown of vending machines and sales offices at train stations across Italy caused chaos. There are now clues from the killers. how HD blog attackers reported that tickets for the trains Trenitalia and Ferrovie Dello Stato could no longer be sold at ticket machines and counters yesterday. However, it is still possible to buy tickets through the websites of railway operators. Apparently, there was an attack on the internal systems of the Italian railways, as the companies announced that ticket sales had largely been stopped as a precaution.

A commercial group behind the attack

In order not to have access to networks or the internet when buying tickets, the conductors now sell the tickets directly on board the trains at no extra cost to customers, the companies involved said. There is currently mounting evidence that Italian railway companies have fallen victim to ransomware attacks. In internal messages to employees of the companies involved, they were said to have been asked to immediately shut down computers connected to the company’s networks, because there were alleged “security vulnerabilities”.

Experts, therefore, assume that it is a ransomware attack. Meanwhile, the Russian-Bulgarian hacker group Hive reportedly reported the attack and claimed responsibility. The same group paralyzed Media Markt and Saturn’s merchandise management system in Germany and several other countries last year. In the case of the Italian railways, the attackers allegedly demanded payment of $5 million in the form of the cryptocurrency Bitcoin within three days. If payment is not made on time, the “ransom” should be doubled, they say.