Skip to Content

Ransomware Took San Francisco’s Public Transit for a Ride

Hackers forced the light rail network to let passengers ride free to avoid a massive disruption to service.
November 28, 2016
While the city dealt with a ransomware attack, passengers got to ride the Muni for free.

The San Francisco Municipal Transportation Agency was taken for a ride of its own when hackers used ransomware to shut down its ticketing systems and demand payment.

The agency—usually known as Muni—found that around 2,000 of its servers and computers, including many ticket machines, were locked by ransomware over the Thanksgiving weekend. According to the Verge, machines displayed a message that read: "You Hacked, ALL Data Encrypted. Contact For Key(cryptom27@yandex.com)ID:681, Enter.”

Ticket machines were labeled “out of order” over the weekend, and people traveled on the agency’s light rail network for free. A Muni spokesperson told the San Francisco Chronicle that the hack had “no impact to transit service, to our security systems or to our customers’ private information.”

But the incident is still a sign that important city infrastructure is wide open to digital attack.

According the the BBC, the hackers demanded 100 bitcoins—currently around $70,000—for the decryption key. It’s not clear whether or not the transport agency has paid up, though a Bitcoin locker that the Register claims was set up to receive the ransom is empty at this writing.

Ransomware is a simple form of malware: it infects a computer, uses strong encryption to lock down files, and then provides the user with a ransom note demanding money in exchange for a key to unlock the data. It’s lucrative, and it has become more pervasive in recent years. According to Symantec, millions of ransomware attacks are now attempted every day.

Regular users may see their computers infected by rogue websites, images, or videos. It’s not currently clear how the Muni system became infected, and its staff has not released any details, citing an ongoing investigation into the attack.

There have been other notable ransomware attacks in the past, the most worrying of which was a spate of incidents that affected hospitals. In those cases, medical records were rendered inaccessible. One hospital, Hollywood Presbyterian Hospital in Los Angeles, ultimately paid hackers $17,000 to recover its data.

Techniques are available that allow researchers to detect ransomware attacks before it’s too late. But antivirus companies have so far struggled to turn them into tools that work in the real world.

For now, then, individuals and organizations alike must simply follow best security practices to avoid infection and ensure that data is backed up. That way, it doesn’t matter too much if a hacker takes you for a ride.

(Read more: Verge, BBC, The San Francisco Chronicle, “Two Ways to Stop Ransomware in Its Tracks,” “With Hospital Ransomware Infections, the Patients Are at Risk,” “Holding Data Hostage: The Perfect Internet Crime?

Keep Reading

Most Popular

A view of clouds illuminated by sunlight
A view of clouds illuminated by sunlight

We can’t afford to stop solar geoengineering research

It is the wrong time to take this strategy for combating climate change off the table.

conceptual illustration showing various women's faces being scanned
conceptual illustration showing various women's faces being scanned

A horrifying new AI app swaps women into porn videos with a click

Deepfake researchers have long feared the day this would arrive.

Death and Jeff Bezos
Death and Jeff Bezos

Meet Altos Labs, Silicon Valley’s latest wild bet on living forever

Funders of a deep-pocketed new "rejuvenation" startup are said to include Jeff Bezos and Yuri Milner.

ai learning to multitask concept
ai learning to multitask concept

Meta’s new learning algorithm can teach AI to multi-task

The single technique for teaching neural networks multiple skills is a step towards general-purpose AI.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.