The German railway company Deutsche Bahn (DB) continues to be affected by the aftermath of a cyberattack. On its website, DB stated: “The current attack was a deliberate assault targeting DB and occurred in several waves. The scale of the attack is considerable.”
According to the company, it was a DDoS (Distributed Denial of Service) attack that began on Tuesday at midday. In a DDoS attack, thousands of devices simultaneously send so many requests to a website that it becomes overloaded, potentially blocking it or rendering it nonfunctional.
An Attack of Extraordinary Scale
The head of Germany’s Federal Office for Information Security (BSI) described the cyberattack on the railway company as extraordinarily large.
She told WDR radio that DB’s website and app had been hit with billions of requests per minute, overwhelming the booking systems and paralyzing them. This type of DDoS attack is “clearly on a large scale and unprecedented,” she noted.
Cybersecurity expert Jan Lemnitzer said that the attack on Deutsche Bahn’s IT systems is part of a broad, coordinated campaign of cyberattacks targeting multiple NATO countries. For example, in Denmark, several ministries, municipalities, and even a train ticket app, as well as major cybersecurity firms, were attacked. The Port of Rotterdam also experienced a similar assault.
The UK’s National Cyber Security Centre had warned about these attacks at the end of January.
In an interview with tagesschau24, Lemnitzer stated that it is clear Russia is behind these attacks. “This is a Russian campaign linked to Ukraine. The goal is to spread insecurity among countries supporting Ukraine,” he explained.
Concerns About Attacks on Energy Infrastructure
Recent cyberattacks have also targeted energy infrastructure. Experts are particularly concerned after a cyberattack in Poland a few weeks ago, where a highly aggressive and destructive malware — previously only observed against power plants in Ukraine — was used by Russian attackers.
Lemnitzer stressed that a greater concern would arise if similar attacks targeted German energy infrastructure. “DDoS attacks are certainly disruptive — for example, when someone wants to buy a train ticket — but they are manageable,” he noted.
