Subscribe
First Look

Weekend of free rides follows ransomware attack on Bay Area transit

The San Francisco Municipal Transportation Agency is the latest of several institutions to experienced a ransomware attack on computer systems.

  • close
    Muni riders and pedestrians brave the rain ino the Financial District of San Francisco on Friday, Oct. 14, 2016.
    Karl Mondon/ San Jose Mercury News via AP/ File
    View Caption
  • About video ads
    View Caption
of

San Francisco over the weekend became the latest city to have agencies hit with "ransomware" – a type of cyberattack that encrypts files, often refusing to decrypt them until hackers have received payment – continuing a trend of ransomware scammers targeting larger institutions.

The attack began on Friday and targeted computer systems associated with the San Francisco Municipal Transportation Agency's light rail system, affecting database servers, staff training records, emails, and even payroll systems. More than 2,000 of the 8,656 computers that transportation agency uses were affected, according to local news outlet Hoodline, and hackers demanded more than $70,000 in ransom – a fee they are unlikely to receive, Forbes reports, as the system is now back up and running. 

Ransomware is "like a thief locking you out of your house and charging a fee to let you back in," Mahendra Ramsinghani, a Silicon Valley venture capitalist who invests in security companies, told the San Francisco Chronicle. Initial ransomware attacks may involve locking out a computer and displaying pornographic or otherwise embarrassing images until victims pay small sums such as $10, according to the digital security agency Norton. In April, the Federal Bureau of Investigation estimated that ransomware demands could surpass $1 billion in 2016, CNN reported.

Recently, such attacks have begun to spread to larger institutions and corporations. In February, the Hollywood Presbyterian Medical Center fell victim to a malicious ransomware attack which seized control of the hospital’s computer systems and denied hospital workers access until about $17,000 in bitcoin was paid.

In March, ransomware hackers launched an attack on MedStar Health, a network of 10 hospitals in the Baltimore-Washington, D.C., area. And in June the University of Calgary announced that it had paid $16,000 to recover emails that had been encrypted for a week in a ransomware attack. Similar attacks have taken place against a county internet server in Indiana and, this week, one small-town Montana school system.

The most recent attack on the SFMTA shut down payment kiosks city-wide and displayed a message that read "You Hacked, ALL Data Encrypted" on agency computers. The attack effectively shut down access to the computer network, forcing officials to allow commuters free access to the city’s public transit system.

"There's no impact to the transit service, but we have opened the fare gates as a precaution to minimize customer impact," agency spokesperson Paul Rose told the local CBS affiliate. "Because this is an ongoing investigation it would not be appropriate to provide additional details at this point."

However, the incident left some passengers and employees nervous about the potential implications.

"I think it is terrifying. I really do," one passenger told CBS on Saturday. "I think if they can start doing this you know here, we're not safe anywhere." 

Meanwhile, transit employees questioned whether the agency would be able to access their systems in order to make payroll this week. As of Monday, however, online systems were back up and running, according to Forbes.

On Sunday, Mr. Ramsinghani, who said such ransomware attacks are rare for transit agencies, urged staff to be transparent about the ongoing investigation. 

"It is the duty of an agency such as SFMTA/Muni to inform people of what they have discovered," Ramsinghani told the Chronicle. "The fact that they have not stated anything tells me that there could be something deeper."

About these ads
Sponsored Content by LockerDome
 
 
Make a Difference
Inspired? Here are some ways to make a difference on this issue.
FREE Newsletters
Get the Monitor stories you care about delivered to your inbox.
 

We want to hear, did we miss an angle we should have covered? Should we come back to this topic? Or just give us a rating for this story. We want to hear from you.

Loading...

Loading...

Loading...

Save for later

Save
Cancel

Saved ( of items)

This item has been saved to read later from any device.
Access saved items through your user name at the top of the page.

View Saved Items

OK

Failed to save

You reached the limit of 20 saved items.
Please visit following link to manage you saved items.

View Saved Items

OK

Failed to save

You have already saved this item.

View Saved Items

OK