San Francisco Municipal Railway computer systems hacked in a Ransomware attack and the authorities had to give away free rides all day long to its customers, on Saturday last week.
The San Francisco Municipal Transporation Agency (SFMTA) gave free service on its Metro light-rail all day long, on Saturday, after an apparent ransomware hack of the agency’s computer systems.
Pink ‘out of service’ notification showed on ticket machines at Powell Street station, where operators taped paper signs which read ‘Metro Free.’
San Francisco Municipal Railway (MUNI) spokesperson confirmed the news of the hack and administration had to shut down their systems and “opened the fare gates as a precaution to minimize customer impact.”
“There’s no impact to the transit service, but we have opened the fare gates as a precaution to minimize customer impact,” said Muni spokesman. “Because this is an ongoing investigation it would not be appropriate to provide additional details at this point.”
The station screens displayed a message that reads:
“You Hacked, ALL Data Encrypted. Contact For Key(cryptom27@yandex.com)ID:681 ,Enter.”
The Verge contacted the hackers via email which confirmed that he was seeking a deal with MUNI to remove the ransomware:
“we don’t pay attention to interview and propagate news ! our software working completely automatically and we don’t have targeted attack to anywhere! SFMTA network was Very Open and 2000 Server/PC infected by software! So we are waiting for contact any responsible person in SFMTA, but I think they don’t want a deal! So we close this email tomorrow!”
The hacker demanded 100 BTC ($73,184 USD) with current exchange rates.
However, SFMTA had no intention of paying the ransomware. On its website blog, it reads: “The SFMTA has never considered paying the ransom. We have an information technology team in place that can restore our systems, and that is what they are doing.”
Morphus Labs mentioned the same hacker in September in a link to a strain of ransomware called Mamba, which uses similar tactics to those used against MUNI.
At the time of the attack, experts at transit had no idea who was responsible for the cyber attack.
According to San Francisco Municipal Railway blog, “Upon discovering the malware, we immediately contacted the Department of Homeland Security (DHS) to identify and contain the virus. We are working closely with the FBI and DHS on this matter.”
Moreover, it reads, “Existing backup systems allowed us to get most affected computers up and running this morning, and our information technology team anticipates having the remaining computers functional in the next day or two.”
Photo: SFMTA
Share this article
About the Author
Peter Buttler an Infosec Journalist and Tech Reporter, Member of IDG Network. In 2011, he completed Masters in Cybersecurity and technology. He worked for leading security and tech giants as Staff Writer. Currently, he contributes to a number of online publications, including The Next Web, CSO Online, Infosecurity Mag, SC Magazine, Tripwire, GlobalSign CSO Australia, etc. His favorite areas Online Privacy, AI, IoT, VR, Blockchain, Big Data, ML, Fintech, etc. You can follow him on twitter.
More from Peter ButtlerRelated Posts
Passengers’ Data Stored on User Devices, not on DigiYatra Storage, says India Govt
KEY TAKEAWAYS Unblocking streaming content from Amazon Prime is easy only if you know the reliable V...
NCSC Chief: Clear Rules Needed to Prevent Cyberspace Conflict and Struggle
A safe and secure digital world necessitates a clear definition and enforcement of international cyb...
‘Revive’ has been upgraded to a banking Trojan on Android
This month, Cleafy’s security researchers discovered a new Android Banking Trojan in the wild....
Asian Industrial Control Systems Targeted by Hackers Using the Shadowpad Backdoor
Unpatched Microsoft Exchange servers in various Asian countries were the target of an attack campaig...
Data Breaches Could Occur Due to Kubernetes Misconfigurations That Were Leaked.
Over 900,000 Kubernetes (K8s) have been discovered to be vulnerable to malicious scans and/or data-e...
Attacks by Cybercriminals Will Become the Main Threat in 2024. Privacy Issues Tendencies
Internet Privacy is the main Concern today Advertisers track your online activities and interf...
