CYBERSECURITY: Ransomware attack on S.F.’s transit system

Nov. 28, 2016

Hack forces transit authority to lift the gates, dole out free rides

In an unfortunate scenario over the recent Thanksgiving weekend, hackers apparently breached San Francisco’s mass transit system, forcing the agency to shut down its light-rail ticketing machines and point-of-payment systems and allowing passengers to ride for free.

A message reading “You hacked. ALL data encrypted” appeared on ticket machines Saturday morning, along with a contact email address—suggesting a ransomware attack, in which a hacker can lock out a system from its owners. Ransomware is sometimes, though not exclusively, attached to a demand for some form of payment in lieu of system release, thus the term “ransomware.”

The San Francisco Municipal Transportation System (Muni) immediately shut down its payment system, opening its gates to passengers. The system was restored the following morning, according to Muni. The agency did not disclose how the situation was resolved.

“At this point there are not any indications of any impacts to customers,” Muni spokesman Paul Rose told the San Francisco Chronicle. “We’re doing a full investigation to find out exactly what we are dealing with.”

Among the chief concerns is whether the Clipper smart-card system was also breached. Muni is among 20 Bay Area transit agencies using Clipper cards for transit payments. The cards are used for about 800,000 fare payments per day, according to the Bay Area Metropolitan Transportation Commission, and most cardholders have their credit-card data on file.

The hack also raises disturbing questions about the digital security of America’s infrastructure and public safety, not for least of which reasons, Muni trains are computer-controlled when running in underground tunnels. Officials stated that this attack did not appear to affect that system.

Earlier this year, a Southern California hospital’s computer system was held hostage by ransomware for more than a week, before the hospital paid about $17,000 in bitcoin to the hackers for its release.

The probe into the cause of the attack on Muni is ongoing. Any estimate of dollars lost to free faring has not, as of this writing, been tallied.

Sponsored Recommendations

The Science Behind Sustainable Concrete Sealing Solutions

Extend the lifespan and durability of any concrete. PoreShield is a USDA BioPreferred product and is approved for residential, commercial, and industrial use. It works great above...

Proven Concrete Protection That’s Safe & Sustainable

Real-life DOT field tests and university researchers have found that PoreShieldTM lasts for 10+ years and extends the life of concrete.

Revolutionizing Concrete Protection - A Sustainable Solution for Lasting Durability

The concrete at the Indiana State Fairgrounds & Event Center is subject to several potential sources of damage including livestock biowaste, food/beverage waste, and freeze/thaw...

The Future of Concrete Preservation

PoreShield is a cost-effective, nontoxic alternative to traditional concrete sealers. It works differently, absorbing deep into the concrete pores to block damage from salt ions...