There has been no indication that SFMTA paid any ransom to get their systems back. Not all ransomware has worm-like capabilities that allow it to propagate through the network, but sadly for SFMTA, this one did. Whomever accidentally downloads the malware becomes a victim. They’re usually designed to spread through non-targeted phishing attacks and exploit kits. This is consistent with the common characteristics of ransomware. The reason the malware was able to spread through the network was likely because the user might have been using a workstation with admin level privileges. Rather, it was more likely that someone working at SFMTA unwittingly downloaded a trojan that actually contained the ransomware.
Although most attacks only cost about $600-$700, there have been reports of ransom demands reaching up to as high as $150,000.Īccording to the extortionist who replied at the Yandex email address, SFMTA was not a victim of a targeted attack. In that attack, the Hollywood Presbyterian Medical Center ended up paying the ransom of $17,000 worth of bitcoins. This is much bigger than another high-profile ransomware attack that happened earlier this year. People who communicated with the email address left by the hackers were told that the ransom amount was 100 bitcoins, roughly equivalent to $73,000. As a result, the commuters were able to get free rides that weekend. Affected systems had their hard drives encrypted, forcing the SFMTA to switch off ticket machines at the subway stations. The disruption from the ransomware attack on Muni, which affected over 2,000 computers, began Friday night and continued the entire Saturday. For more about this highly disruptive menace of a malware, read our post “ The Secrets Behind Ransomware’s Surging Notoriety”. SFMTA, which operates fleets of buses, cable cars, historic streetcars, light railway vehicles (subway), trolley buses and a handful of other public transportations, is now part of a rapidly growing list of businesses that have been victimized by ransomware. The conspicuous message on the screens at ticketing agents’ booths said it all: “You Hacked, ALL Data Encrypted, Contact For Key ( Key.” While most ransomware incidents go unreported, the attack on San Francisco’s Municipal Transport Agency (locally known as Muni) last Black Friday was hard to keep under wraps. SF Transit System Held Hostage by Ransomware
0 kommentar(er)
