During the Thanksgiving holiday weekend, Muni’s cyber security agents were dealing with a system hack that had been going on since Friday, November 25th. However, the San Francisco Municipal Transportation Agency did not disrupt transit, nor did it announce the breach publicly. Instead, the ticket machines were put out of order and the passengers were able to ride the metro for free.
On Friday evening, November 25th, 2016, the message “You Hacked, ALL Data Encrypted” alerted the Muni security agents. Shortly after, the ticket machines were taken offline as a precaution.
Muni Officials’ Report
After being the target of a cyber attack, the public transportation agency offered free metro rides for the weekend, while competent security agents were investigating the incident. According to Paul Rose, Muni spokesman, the hackers’ main focus were the ticket machines.
However, the team of investigators is not sure of all the implications the attack could have had on other Muni systems. Nevertheless, Paul Rose is certain that the attack didn’t damage the integrity of the security systems or private information belonging to the customers.
According to Mr. Rose, the customers’ personal details along with ticket online purchases are handled by a different agency, which has not been affected by the attack. The Muni spokesman ended his statement on Sunday saying that the event is unprecedented.
Investigators’ Findings
Mahendra Ramsinghani, a venture capitalist, is also surprised by the Muni incident. Together with a team of investigators, she described the hack as a ransomware assault. This particular type of malware prevents the users affected from accessing their personal systems, in general. In order to unlock his computer, the targeted user would have to pay a ransom so he may be granted access again. According to Ramsinghani, the hackers usually demand a bitcoin transfer.
However, Mahendra Ramsinghani did not further comment on the possibility of a ransom demand in the Muni incident, as the ongoing investigation has not concluded. Nevertheless, Mr. Ramsinghani hinted that the Muni incident is indeed a ransomware attack.
According to the venture capitalist investor, churches, hospitals, and schools are the main target for hackers, as these are the most vulnerable organizations. In 2016 alone, approximately $1 billion was paid in ransomware payoffs.
Furthermore, Mr. Ramsinghani fears that the attack may have greater implications than initially stated. Mainly because Muni has given out little information regarding the cyber attack over the course of several days. In contrast, the transportation agency informed the general public about several other aspects, such as sidewalk parking or dysfunctional elevators.
Image Source: Pixabay
