Hackers breached Czech Railway Network
In recent days, cyber-attackers have attacked the computer systems of the Railway Administration and Czech Railways. However, they did not endanger safety on the tracks. The case is currently being dealt with by the National Office for Cyber and Information Security (NÚKIB). Deník N reports. Hackers have attacked the networks of government organizations in recent weeks.
“We can confirm that the Railway Administration has been facing a cyber threat since Friday, March 19. The National Office for Cyber and Information Security has been immediately informed of the seriousness of the attack,” confirmed institution spokesman Dušan Gavenda. The Railway Administration is in charge of railway lines’ operation and functioning and several station buildings in the Czech Republic.
Gavenda stressed that the Railway Administration is trying its best to avert the attack. “This situation does not endanger or reduce the safety of rail transport,” the spokesman added. However, he did not state whether the attackers obtained any data from the organization’s systems. It is not even clear whether the attack is related to the Microsoft Exchange service’s vulnerability, which NÚKIB previously warned against.
This afternoon, Czech Railways also confirmed the attack on its systems. “We are implementing additional preventive measures to increase cybersecurity. We are responding to an attack we discovered last week. The security system responded immediately to the hacker’s attempt,” the tracks said in their Twitter account. According to the company, railway traffic was not endangered and is not.
Last week, hackers attacked, for example, a medical facility in the Ministry of the Interior. It has sensitive information about members of the security forces. According to Interior Minister Jan Hamáček (CSSD), the attack failed. Hackers also used the vulnerabilities of Microsoft Exchange mail servers to attack the Prague City Hall systems or the Ministry of Labor and Social Affairs.
NÚKIB does not provide information on the entities concerned with regard to confidentiality. The Office has ordered companies and organizations subject to the Cyber Security Act to update servers immediately connected with Microsoft Exchange Server vulnerabilities.
Microsoft has released security vulnerabilities in early March for vulnerabilities that allow attackers to access e-mail remotely. According to experts, installing these fixes on all affected servers is necessary, not just those exposed to the Internet. If an attack has already occurred, administrators should remove the malicious programs, change the credentials, and examine any other attackers’ activity on the server.