The Sacramento Regional Transit (SacRT) system fell victim this past weekend to computer hackers. The hackers erased data and are now threatening to do more harm if SacRT doesn't pay them one bitcoin, now worth approximately $8,000.
The attack erased parts of computer programs on the agency’s servers that affect internal operations, including the ability to use computers to dispatch employees and assign buses for routes, according to SacRT Chief Operating Officer Mark Lonergan.
The agency took down its web homepage for customer information and shut down its systems for processing credit card payments on Connect Cards until agency officials can add security to prevent hackers from getting into SacRT's computer system in the future.
Bus and rail service was not affected, according to officials, nor was the agency’s mobile fare app, which is on a separate cloud-based system.
The hackers announced their presence on Saturday when they altered the agency’s main webpage with the following statement:
“I’m sorry to modify the home page,i’m good hacker,I just want to help you fix these vulverability. This is one of the loopholes, modify the home page is to let you now there are loopholes. Not just this one loophole! It’s Very Dangerous!!please contact me as soon as possible. Please contact me email to help you fix these . . .”
That message turned out to be a trap. When technicians went into the SacRT system to check out the damage, it unleashed the attack Sunday morning that erased the virtual servers. The hacker or hackers then sent a Facebook message to SacRT demanding ransom, with the message saying, “hello, I will always attack your website, we are hackers. we can do everything. Pay us now to stop attacking.”
The hackers, who are apparently versed in realistic ransom demands, asked for a bitcoin—whose worth soared above $8,000 on Monday. SacRT did not respond to that demand. Lonergan said the agency's security systems had already noticed that data was being erased.
Source: The Sacramento Bee