Hot News :
  • A senior member of the New Patriotic Party (NPP), Joe Gharte.. 18
  • The Minister for Finance, Dr Cassiel Ato Forson, has assured.. 39
  • Ghana marched into the quarter-finals of the TotalEnergies C.. 37
  • The United States Government has donated 14 mine-resistant, .. 37
  • The second edition of the Ghana Business League Awards (GBLA.. 157
  • Today marks the 25th anniversary of Otumfuo Osei Tutu II&#39.. 225
Search
Sign In
  • Home
  • News
    • Financial
    • Business
    • Social
    • Extra
    • Politics
    • Health
    • Education
    • Opinion
    • Religion
    • Science
    • Technology
  • Sports
  • Entertainment
    • Music
    • Movie
    • Gossip
  • Institutions
  • Blogs
  • Classifieds
    • Events
    • Auto
    • Real Estate
    • Announcement
  • Lifestyle
    • Gadgets
    • Recipes
    • Fashion
  • Jobs
  • Contact us
Homeblogs
Scroll Down for More
general-articles blogs

SF Muni Hack a Wake-Up Call for Public Systems

Richard Adhikari Richard Adhikari By Richard Adhikari
26 Nov 2016
  • 0
  • 156
  • read
  • blogs, general-articles
Share This
Article:
Font size:
Write a Comment Report
Print

The San Francisco Municipal Transportation Authority, or SF MTA, was hacked on Friday.

"You Hacked, All Data Encrypted," was the message reportedly displayed on computer screens at the authority's stations throughout the city. "Contact for Key (cryptom27@yandex.com)ID:681 , Enter."

Fare payment machines at underground stations were out of order, resulting in free rides on the subway and light rail system known locally as "SF Muni."

Some SF MTA employees' email systems did not work, The San Francisco Examiner reported.

The MTA locked its subway fare gates in an open position to enable free riding, according to the paper.

The agency was hit by a ransomware attack that disrupted some of its internal computer systems, including email, according to spokesperson Kristen Holland.

The attack didn't affect transit service or buses, she noted. Neither customer privacy nor transaction information were compromised, and the situation was contained.

All About the Dough

A person at the email address provided by the hacker, who identified himself as "Andy Saolis" to the Examiner, demanded 100 bitcoins -- equal to about US$73,000 -- to release data captured from the MTA.

The MTA payment system was inaccessible over the weekend, according to the Examiner, and employees were concerned that the personal data of the agency's nearly 6,000 employees was at risk.

Saolis indicated the attack was "for money, nothing else."

"Andy Saolis" is the name used by the attacker who launched a full disk encryption ransomware package that Morphus Labs discovered earlier this year and dubbed "Mamba."

Open Muni

The MTA's network was penetrated after an employee downloaded a torrented computer file that contained a software key code generator, Saolis reportedly said. That automatically launched an admin-level infection.

The SFMTA network was very open, he maintained.

Saolis threatened to close the email Monday if he hadn't heard from the MTA, which would lock the agency's infected computers out of its network permanently.

"It looks like the Muni scheduling and billing systems are running on the same machines as the employees' email systems," said Michael Jude, a program manager at Stratecast/Frost & Sullivan.

"This implies that the Muni operations are exposed to external attack," he told the E-Commerce Times.

Muni "should have critical operations and management systems running in a secured environment, ideally one not exposed to outside access," Jude suggested.

The Very Real Public Threat

Penetrations of this sort "can easily escalate to life-threatening events," Jude warned. "Simply messing with route scheduling could lead to confusion or, possibly, collisions."

Mass transit and passenger rail systems, including buses, light rail and subways, are one of the seven key subsections in the United States Transportation Systems Sector.

The U.S. Department of Homeland Security, which oversees the sector jointly with the U.S. Department of Transportation, has issued a cybersecurity framework implementation guidance and a companion workbook for owners and operators in the sector to help reduce cyber risks.

Keeping Transit Systems Safe

"The threat environment warrants evaluating security controls for any organization that relies on computer systems for providing a service or running a business," said Tim Erlin, senior director of IT and security at Tripwire.

Ensuring adequate network separation "is a good first step," he told the E-Commerce Times. "Other basic best practices include monitoring for and patching vulnerabilities, validating secure configurations are in place, and watching system logs for indications of malicious activity." 

Tags :
Science Technology Business Lifestyle

Source:



Please rate this
Poor Excellent
Votes: 0 |NaN out of 5
Fighting poverty, ignorance and disunity in Ghana; the TUDEC experience
Prev article Fighting poverty, ignorance and disunity in Ghana; the TUDEC experience
Of Samira Bawumia's Outfit At The Inauguration
Next article Of Samira Bawumia's Outfit At The Inauguration
Richard Adhikari

..

View Profile
Follow:
Related Posts
general-articles
© Image Copyrights Title

Press Statement from the Secretarial of Progressive Alliance for Ghana PAG on the petitions against the Chief Justice

09 May 2025
general-articles
© Image Copyrights Title

Beware of the ‘humble protégé’ who never disagrees with you

28 Dec 2022
Comments 0
Write a comment
Error!
01. 02. 03. 04.
Reply to Comment
Categories
  • general-articles3
  • business-sense3
  • health3
  • speeches3
  • personalities3
  • jokes-and-humour3
  • politics3
  • religion3
  • culture3
  • features3
  • gadgets3
  • quizes3
  • car3
  • technology3
  • academia3
  • nutrition3
  • war-and-conflict3
  • science3
  • biography3
  • hobbies3
  • Classifieds
  • Jobs
Popular Tags
  • Gadgets
  • Popular
OnePlus Nord N20 5G Android Smartphone

OnePlus Nord N20 5G Android Smartphone

  • 11/29/2022
  • 12
  • 206
  • Votes: 0 |NaN out of 5
Fitbit Charge 5

Fitbit Charge 5

  • 11/25/2022
  • 12
  • 190
  • Votes: 0 |NaN out of 5
Moleskine Smart Writing Set 2.0

Moleskine Smart Writing Set 2.0

  • 11/25/2022
  • 12
  • 191
  • Votes: 0 |NaN out of 5
Dyson’s air-purifying headphones

Dyson’s air-purifying headphones

  • 12/13/2022
  • 12
  • 206
  • Votes: 0 |NaN out of 5
View more articles

Resident Manager

P. O. Box Ah 9182, Ahinsan, Ashanti, Ghana +233 27 872 7027 i-desk@allghanadata.com

Categories
  • news
  • institutions
  • entertainment
  • blogs
  • recipes
  • classifieds
Links
  • Home
  • Privacy
  • Classifieds
  • Lifestyle
  • Jobs
  • Sitemap
  • Contact us
Subscribe

©2002-2025 . All rights reserved.
  • Terms & Conditions
  • Privacy Policy
  • Politics
  • Technology
  • Business
  • Sports
  • Science
Our site uses cookies. Learn more about our use of cookies: Cookie policy
Accept Reject
  • Login
  • Register
Lost Your Password?
or

For faster login or register use your social account.

Connect with Google