🚀💳 Trustee Plus - більше ніж криптогаманець з європейською платіжною карткою. Спробуй 👉
Марія БровінськаHot News
24 March 2025, 13:49
2025-03-24
"Everything was classified." Who takes care of the UZ infrastructure, what data has disappeared, and how not only the company's passenger divisions work now
For over a day, Ukrzaliznytsia has been trying to «drive out» of a large-scale cyberattack on the company’s servers and infrastructure. Experts state that the entire infrastructure has been hacked. The management hopes to restore the operation of passenger online systems in a few days, after obtaining backups.
However, UZ is not only about passenger transportation and ticket sales. The system is much larger. dev.ua tried to find out more than what is being made public.
For over a day, Ukrzaliznytsia has been trying to «drive out» of a large-scale cyberattack on the company’s servers and infrastructure. Experts state that the entire infrastructure has been hacked. The management hopes to restore the operation of passenger online systems in a few days, after obtaining backups.
However, UZ is not only about passenger transportation and ticket sales. The system is much larger. dev.ua tried to find out more than what is being made public.
Infrastructure
According to the publication’s interlocutors, IT at Ukrzaliznytsia is handled by the branch «Main Information and Computing Center» of the joint-stock company «Ukrainian Railways».
All of the monopolist’s data is stored on its own infrastructure. That’s why Ukrainian cloud data center specialists don’t know the details of the hack.
Moreover, the UZH GIOTC holds its own tenders for the purchase of hardware and software to support and launch IT systems. «Zero internal information, since everything is classified,» states one of the market participants on condition of anonymity.
What data disappeared?
According to specialists from individual UZ departments, the systems currently store data that was entered before 6:00 a.m. on March 23. Everything that was entered later has disappeared.
Judging by the fact that the attack is aimed at destroying data, it can be assumed that a Wiper-type virus was used for the attack.
What employees say
According to company employees, all systems have now been restored to manual operation, without the use of technology. In particular, thanks to analog accounting, the cargo transportation and sorting system is increasingly working correctly.
In some departments, employees have been asked not to touch their computers. Currently, those specialists who have tried to reboot their computers see nothing on their display — a black screen.
As a reminder, on Sunday morning, March 23, Ukrzaliznytsia reported a failure in the company’s IT system. The company did not immediately indicate the reasons for the failure. In the morning, the chairman of the board of UZ admitted that an unprecedented cyberattack was carried out on the servers and IT resources of Ukrzaliznytsia — targeted, complex and multi-level. Online services are still not working.
Cyber experts also gave their first assessments of a large-scale hacker attack on the servers and IT infrastructure of Ukrzaliznytsia.
«To hack a straw-man IT house like Ukrzaliznytsia, you don’t need super-technologies. It’s enough to have access to the Internet and a couple of hundred dollars to buy 1-2-day exploits on the black market.» Cyber experts gave their first assessment of the attack on UZ
UPD. Targeted, complex and multi-level attack on servers and IT resources of Ukrzaliznytsia. Online services have been down for 24 hours: how to buy tickets
