Germany’s rail network was thrown into chaos on Friday night when it fell victim to the cyber attack roiling the world.
Hours after NHS hospitals were left crippled by the attack, Deutsche Bahn became the hackers’ latest high profile victim.
Using tools widely believed to have been developed by the US National Security Agency, the cyber criminals tricked victims into opening malicious malware attachments to spam emails that appeared to contain invoices, job offers, security warnings and other legitimate files.
The ransomware, called WannaCry, encrypted data on the computers, demanding payments of $300 to $600 to restore access.
Deutsche Bahn computers appeared to be infected with the virus, with the “ransomware” message demanding money appearing on screens at train stations.
Pictures posted on social media by commuters showed train information monitors displaying the ransom demand to unlock the computers.
Deutsche Bahn said: “Due to a Trojan attack there are system failures in various areas.”
Security experts warn there is no guarantee that access will be granted after payment. Some ransomware that encrypts files ups the stakes after a few days, demanding more money and threatening to delete files altogether.