BERLIN — Germany’s national rail operator, Deutsche Bahn (DB), has successfully repelled a large-scale cyberattack that crippled its digital infrastructure for nearly 48 hours. The assault, categorized as a Distributed Denial of Service (DDoS), targeted the heart of the traveler experience, knocking the company’s website and the critically essential DB Navigator app offline.
The disruption began on the afternoon of Tuesday, February 17, 2026, and continued in aggressive “waves” through Wednesday. While rail operations remained physically active, hundreds of thousands of commuters were left unable to book tickets, check live timetables, or access digital reservations.
The Attack: Waves of Digital Overload
A DDoS attack operates by flooding a network with a catastrophic volume of artificial traffic, effectively “suffocating” the servers. DB officials described the scale of the incident as “considerable,” noting that the attackers were persistent.
“The current attack specifically targeted DB and was carried out in multiple waves,” the company stated in an emergency briefing. While the website (bahn.de) saw intermittent recovery on Tuesday evening, a second, more powerful surge on Wednesday morning forced systems back into a state of “unavailability.”
Sovereignty and Suspicion
While Deutsche Bahn has officially declined to name the perpetrators, the geopolitical context has not gone unnoticed. Sources within the German Ministry of the Interior, cited by Der Spiegel, indicate that authorities are investigating a pro-Russian nexus.
Historically, groups like NoName057(16) and Killnet have targeted European critical infrastructure following political tensions. This incident follows a pattern of “hacktivism” intended to cause social friction rather than steal data. DB has emphasized that customer data and financial records remain secure, as the attack targeted system availability rather than the databases themselves.
The Aftermath: Restoring the Network
As of late Thursday, February 19, 2026, systems have largely stabilized. DB IT specialists, working in coordination with the Federal Office for Information Security (BSI), have implemented advanced filtering layers to mitigate any further surges.
- Customer Impact: Though trains continued to run, the “digital blindness” led to crowded ticket counters and confusion at major hubs like Berlin Hauptbahnhof and Frankfurt.
- Economic Toll: While a specific figure has not been released, the loss in digital ticket sales during the 24-hour peak is estimated in the millions of euros.
- System Resilience: DB has pledged an immediate review of its “cyber-resilience” frameworks, acknowledging that as transport becomes increasingly paperless, digital outages are effectively operational outages.
Future-Proofing the Rails
The attack serves as a stark reminder of the vulnerability of national transport networks in an era of hybrid warfare. For the German government, the priority has shifted from simply running trains on time to ensuring the invisible digital tracks they run on are just as robust as the steel ones.
