Russian Railways: Ukrainian intelligence disables Russian Railways’ main website in cyberattack

Ukrainian Cyberattack Disables Russian Railways’ Main Website

On June 8, Ukraine’s Defense Intelligence (HUR) Cyber Corps conducted a cyberattack that took down the primary website of Russian Railways (rzd.ru), disrupting its online services nationwide. The operation targeted the domain’s NS servers, which manage domain name resolution, rendering the site—and all associated subdomains—unable to convert domain names into IP addresses. As a result, mobile applications and other digital services linked to Russian Railways became inaccessible.

Russian Railways confirmed the attack, reporting a sustained assault volume of 6 gigabits and 2.5 million requests per second. Ukrainian officials described the incident as a “nonstandard operation,” though no further technical details were disclosed. The disruption affected users across Russia, highlighting vulnerabilities in critical infrastructure amid ongoing cyber warfare between the two nations.

Source: https://english.nv.ua/nation/ukrainian-cyberattack-disables-russian-railways-website-and-related-online-services-50520511.html

Russian Railways cybersecurity rating report: https://www.rankiteo.com/company/russian-railways

"id": "RUS1767603355",
"linkid": "russian-railways",
"type": "Cyber Attack",
"date": "6/2024",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"

{'affected_entities': [{'customers_affected': 'Users across Russia',
                        'industry': 'Transportation',
                        'location': 'Russia',
                        'name': 'Russian Railways',
                        'type': 'State-owned enterprise'}],
 'attack_vector': 'DDoS',
 'date_detected': '2024-06-08T20:54:00',
 'date_publicly_disclosed': '2024-06-08',
 'description': 'Ukrainian intelligence has claimed responsibility for a '
                'cyberattack that disabled the official website of Russian '
                'Railways, causing significant disruptions to its NS servers '
                'which manage domain name resolution. The attack rendered the '
                'railway’s online services inaccessible to users across '
                'Russia.',
 'impact': {'operational_impact': 'Online services and mobile applications '
                                  'inaccessible',
            'systems_affected': 'zd.ru domain, NS servers, mobile '
                                'applications'},
 'motivation': 'Disruption of Russian infrastructure',
 'post_incident_analysis': {'root_causes': 'DNS infrastructure disruption via '
                                           'DDoS attack'},
 'references': [{'date_accessed': '2024-06-08', 'source': 'Interfax-Ukraine'}],
 'response': {'communication_strategy': 'Public confirmation of the attack'},
 'threat_actor': 'HUR Cyber Corps (Ukrainian intelligence)',
 'title': 'Ukrainian Intelligence Disables Russian Railways’ Main Website in '
          'Cyberattack',
 'type': 'Cyberattack',
 'vulnerability_exploited': 'DNS infrastructure'}

Russian Railways: Ukrainian intelligence disables Russian Railways’ main website in cyberattack — media

Tinder, Capcom, ElevenLabs and Zendesk: Mass Spam Attacks Leverage Zendesk Instances

Appalachian Community Federal Credit Union: Data Breach at Appalachian Community FCU Exposes Sensitive Member Information

Grubhub: Suit Says Grubhub Failed To Protect Private Info From Breach