You are here

HomeJohn Lister › San Francisco Trains Hit By Hackers

San Francisco Trains Hit By Hackers

John Lister's picture
by John Lister on November, 29 2016 at 12:11PM EST

Hackers had an unexpected deal for San Francisco passengers on Black Friday: free journeys thanks to a ransomware attack.

Officials were forced to suspend charging on the Municipal Railway system after hackers took control of payment computers. While the problem has now been fixed, it's not known if officials paid up a reported $73,000 ransom to regain access.

The hackers manipulated the computer systems so that screens did not allow customer interaction and instead displayed a message reading "You Hacked, ALL Data Encrypted. Contact For Key (cryptom27@yandex.com)ID:681, Enter."

Attack Might Not Have Been Targeted

Staff then put up signs saying the payment system was out of service and telling customers they could ride free of charge. That could have proved hugely expensive: the system has a reported average of more than 600,000 rides a day with a standard adult charge of $2.25, meaning the lost revenue could easily have run into the millions.

It's possible the hackers simply struck lucky. When reporters contacted the listed email address, the respondent said the software which found unsecured systems and distributed the malware was running automatically rather than targeting specific potential victims. (Source: theverge.com)

The replies from the address also said that the San Francisco Municipal Transportation Agency had received a demand for 100 units of the online virtual currency Bitcoin. That's equivalent to around $73,000.

Hack Mirrors Videogame Storyline

The payment system began returning to normal on Sunday, though some drivers were still following handwritten instructions for their route assignments, rather than the usual computer printouts. (Source: sfexaminer.com)

San Francisco Municipal Transportation Agency officials have only said there is an ongoing investigation and refused to give details of exactly which data and networks was compromised or whether any payment was made to regain access.

Ironically a video game released earlier this month, Watch Dogs 2, involves a storyline where the player's character tries to hack public computer systems in San Francisco.

What's Your Opinion?

Should officials have paid the reported ransom in this case? Is it worth paying $73,000 when millions of dollars of revenue are at stake? Or is it a point of principle not to pay up and risk encouraging future attacks?

Filed under:
Security
| Tags:
hackers
,
payment
,
system
,
officials
Rate this article: 
Average: 5 (2 votes)

Comments

Dennis Faas's picture

Submitted by Dennis Faas on Tue, 11/29/2016 - 12:56

A million a day is a lot of lose if they could simply "unlock" the system with a key. However, even if the ransomware was paid, what guarantee is there the system won't be hacked again? Once the firewall and data has been breached, then anything can happen moving forward. I certainly would not agree to pay for a key simply for this reason. If they had the proper infrastructure put in place then they should also have a proper backup of the system as well, so restoring the systems should have been the proper method. Once the systems are back up, do a full scan for malware.

ecash's picture

Submitted by ecash on Tue, 11/29/2016 - 15:54

I agree..
Make a system and Back it up, BEFORE you release it..
Even with updates, it would be easy to have a BASE unit at HOME, and install the update, and BACKUP again..

But its also the idea that Some hacked a unit that was on the net.. Its been discussed many times and everyone knows it, that Security and encryption are Needcd for most things.
HOW did a data packet get installed on a remote machine, and into the system..
Send an email and expect an IDIOT to open it??

sixer_8349's picture

Submitted by sixer_8349 on Tue, 11/29/2016 - 18:24

the firewall has nothing to do with it.

some idiot clicked on an attachment.
and then they may have had to click again to run a program.

this is a people problem not a security software issue.

sixer_8349's picture

Submitted by sixer_8349 on Tue, 11/29/2016 - 18:22

they should deduct it from the idiots running that place and pay for it.

do not spend our tax money on paying it. do not give free rides that our taxes will have to subsidise.

pay it then get a new secure computer to replace it.

no guarantee that they wont leave something behind to do this again in the future.

Need Help? Ask!



My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).

We are BBB Accredited

We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.