Ransomware hits San Francisco transit

Read time 1min 40sec
A $73 000 ransom was reportedly demanded.
A $73 000 ransom was reportedly demanded.

The San Francisco Municipal Transportation Agency said yesterday it had contained a cyber attack, which disrupted its ticketing systems and forced it to offer free service to some customers during the Thanksgiving weekend.

The agency, known widely as Muni, said it was the victim of a ransomware attack on Friday that affected internal computer systems, including e-mail, but had no impact on safe operation of transit services.

The agency disabled fare gates from Friday to Sunday "as a precaution to minimise possible impacts to our customers," Muni spokesman Paul Rose said in an e-mail.

Muni said on its Web site that "the situation is now contained and we have prioritised restoring our systems to be fully operational".

It was the latest high-profile intrusion with ransomware, a pernicious type of computer virus that scrambles data on infected machines, sometimes making it impossible for organisations to deliver critical services.

Attacks have increased sharply over the past year, with criminals targeting hospitals, police departments and other providers of critical services in the US and Europe. Criminals typically charge a few hundred dollars to tens of thousands of dollars or more to provide digital keys that restore systems to normal.

US Federal Bureau of Investigation spokesman Prentice Danner said the agency was "in contact with Muni officials", though he declined to say if the FBI had launched a formal investigation.

The San Francisco Examiner reported that someone claiming to be the attacker informed the newspaper of a $73 000 ransom demand.

Reuters was unable to confirm details of the extortion demand or determine if payment had been made.

The attack disrupted ticket-selling systems, causing kiosk screens to display the phrase "You Hacked, ALL Data Encrypted," according to the Examiner.

Login with