Denmark’s Train Network Frozen Due to Cyberattack on Subcontractor

Denmark's train network came to a standstill on Oct. 29 due to a hacker attack on a subcontractor. National rail company DSB called it an ‘economic’ crime.

DSB, an abbreviation of Danske Statsbaner (Danish State Railways), is the largest train operator not just in Denmark, but in the whole of Scandinavia. It operates only passenger trains, letting other railways transport goods.

Late last month, the DSB network ground to a halt due to a subcontractor’s failing IT network. It didn’t know the root cause initially, but Reuters now reports that the breakdown on that fateful Saturday morning stemmed from a hacker attack on Supeo, a subcontractor that supplies a critical app for train conductors.

With Supeo’s servers down, DSB was forced to bring trains to a halt as conductors could no longer operate the trains safely.

"We were contacted by our subcontractor who told us that their testing environment had been compromised by criminal hackers," DSB's chief of security, Carsten Dam Sonderbo-Jacobsen, told Danish broadcaster DR.

"It hasn't targeted infrastructure or DSB, it was economic crime," he added in an exchange with Reuters, hinting at a potential ransomware attack.

Supeo specializes in enterprise asset management solutions for the railway sector. It provides safety management tools to allow employees to create notifications about security incidents and enables instant communication of safety messages to employees, including temporary speed restrictions and maintenance work.

The railway is investigating. So far none of the high-profile ransomware operators have claimed responsibility for the attack.