T-Systems Hungary to develop new platform for BKK’s e-ticket system at its own expense by the fall

T-Systems Hungary shall deliver by the fall a top-quality solution that can withstand a greater level of overload and number of cyberattacks at the company’s own expense.

T-Systems Hungary had been charged with the task to build a stable, easy-to-use online ticket system along the requirements and with the features specified by its customer. A system development process never stops upon delivery, but the work continues on the basis of findings and feedback provided by users.

Certain deficiencies have been identified in the system that called for further development work, and the company's development team continues to further develop the system accordingly.

The wave of cyberattacks launched against the service had made it necessary that BKK suspend its online ticket and travel pass service after a few days. Following the launch of the service, there were three waves of different cyberattacks of differing types and intensity launched against different parts of the system.

The first ones that required IT expertise were a number of relatively fewer attempts made to hack the system. In the second wave, a wider range of different types of attempts were made. From that point on, 9450 automated malicious requests were initiated from 87 different IP addresses, requiring even more sophisticated IT expertise. The third wave launched partly from servers abroad was of such an extent that lead to the complete shutdown of the service.

Prompted by the alleged data protection incident, T-Systems Hungary immediately launched a full-scale investigation, and in addition to that, it retained the international consultant firm, EY to conduct an independent external investigation, too.

“The objective is to make the infrastructure stronger, more robust and able to withstand greater overloads, while offering several different and far more secure payment methods, with the option of a user-friendly mobile application, delivered as early as this fall,” said T-Systems Hungary’s CEO. Zoltán Kaszás added that the company shall perform the further development of the system at its own expense, and will apply so-called “bug bounty” methods for testing purposes, which are used to explore vulnerabilities on well-regulated technical platforms”.