 |
NEWS HEADLINES |
|
|
| CLASSIFIEDS |
| » APTA seeks a senior program manager-safety and security. [More] |
| » The Greater New Haven Transit District, Hamden, CT, requests proposals for the purchase and delivery of accessible minivans and small buses. [More] |
| View more Classified Ads » |
| TO PLACE AN AD: E-mail the requested date(s) of publication to: ptads@apta.com. Mailing address is: Passenger Transport, 1300 I Street NW, Suite 1200 East, Washington, DC 20005.
Ad copy is not accepted by phone. DEADLINE: 3 p.m. EST, Friday, one week prior to publication date. INFORMATION: Phone (202) 496-4877. |
Muni Restores Operations After Internal Systems Hack; Service, Safety Uninterrupted
The San Francisco Municipal Transportation Agency (SFMTA) has restored its computer operations following a malware attack on Friday, Nov. 25 that primarily affected its internal office and other systems, prompting agency officials to temporarily turn off subway ticket machines and fare gates to minimize potential risk and inconvenience to riders during the holiday weekend. "While we were the victim of a ransomware attack, there was essentially no impact to transit service or other mission critical systems, and no sensitive data was compromised. Thanks to the fact that we systematically back up our systems, the impact was minimal, and the team is working to finish the restoration," said Ed Reiskin, SFMTA director of transportation.
“In coordination with our partners at Cubic Transportation Systems, who operate Clipper [the agency’s payment system], we took the precaution of turning off the ticket machines and fare gates in the Muni Metro subway stations, starting Friday until 9 a.m. Sunday,” reported agency officials in a blog posting.
“The primary impact of the attack was to approximately 900 office computers,” the blog stated, adding that email was affected, as was access to the agency’s payroll system, which remained operational with no impact to employees’ pay.
“Transit service was unaffected and there were no impacts to the safe operation of buses and Muni Metro. Neither customer privacy nor transaction information were compromised,” the blog stated. SFMTA is the parent organization of Muni.
Contrary to news media reports, the cybercriminals did not breach SFMTA’s networks, gain access to any system data through its servers or break through its firewalls to gain entry and spread the malware. “Muni operations and safety were not affected. Our customer payment systems were not hacked,” the blog noted.
The agency was infected with “ransomware,” a type of malware that breaches systems through an email attachment, limiting users from gaining accessing to their own system. It then encrypts data and hackers demand a ransom for the encryption key. In this case, the hacker demanded 100 Bitcoins (about $70,000), news reports stated.
“The SFMTA has never considered paying the ransom. We have an information technology team in place that can restore our systems, and that is what they are doing,” the blog noted.
Agency officials immediately contacted DHS to identify and contain the virus and continues to work closely with DHS and the FBI.
Resources at the Ready
From APTA: APTA has published two standards and recommended practices that address cybersecurity specifically.
Securing Control and Communications Systems in Rail Transit Environments, Part IIIb: Protecting the Operationally Critical Security Zone; APTA SS-CCS-004-16
Published: Oct. 26, 2016
Cybersecurity Considerations for Public Transit; APTA SS-ECS-RP-001-14
Approved: Oct. 17, 2014
Find both resources on the APTA website. For more information about other APTA resources, contact Randy Clarke.
From the Transportation Research Board: TRB has recently published Protection of Transportation Infrastructure from Cyber Attacks: A Primer, which provides transportation organizations with reference materials and is supplemented with an executive briefing for use as a 20-minute presentation for senior executives on public transit security practices and DOT cyber and industrial control systems; a PowerPoint is also available.
The primer is a collaboration between two TRB research initiatives, TCRP and the National Cooperative Highway Research Program. Find details here.
|
