Proceedings of the International scientific and practical conference ―Science and Society‖ (February 26-28, 2026) / Publisher website: www.naukainfo.com. – Kharkiv, Ukraine, 2026. - 355 p.
106 "Ukrzaliznytsia" system resistant to lateral movement by hackers within the corporate environment. Another equally important issue is "algorithmic breach" via the activity of scalpers and botnets; when considering this, one should focus on the mathematical side of the issue. Automated scripts capable of making hundreds of requests per millisecond create a specific type of load on the system API that is difficult to distinguish from legitimate peak demand without using complex user behavior analysis systems. This manipulation allows for the mass buyout of tickets for resale at inflated prices. The solution was integration with the state identification service via cryptographic protocols ("Diia.Signature"). This did not merely complicate bot operations but changed the economic feasibility of such attacks, as the cost of identifying a fake user now exceeds the potential profit from ticket resale. Thus, "Ukrzaliznytsia's" digital security has evolved toward creating a holistic secure environment where technical defense measures are inseparable from socio-legal mechanisms [3]. Consider also the geopolitical context of critical infrastructure breaches. It forces us to view every attack as an element of a broader "digital attrition" strategy. Persistent DDoS attacks on the railway's public services, even if they do not lead to data leaks, force the company to expend significant computing resources on filtering junk traffic. From a scientific perspective, this raises questions about the efficiency of cloud-based traffic scrubbing systems and the use of Anycast protocols for load balancing. The ability of "Ukrzaliznytsia" to maintain online sales functionality during massive attacks demonstrates a high level of adaptability in its IT infrastructure, which is built on principles of elasticity and the rapid deployment of redundant capacities in secure zones. Based on the incidents and potential vulnerabilities mentioned above, the company has implemented intelligent security orchestration systems, SOAR [4], which are capable of automatically responding to incidents at speeds unattainable for a human operator. The implementation of neural networks for detecting latent signs of compromise has shifted the defense paradigm from reactive to predictive.
Made with FlippingBook
RkJQdWJsaXNoZXIy MTAxMzIwNA==