Hello,

We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

Connectivity

Ransomware Took San Francisco’s Public Transit for a Ride

Hackers forced the light rail network to let passengers ride free to avoid a massive disruption to service.

While the city dealt with a ransomware attack, passengers got to ride the Muni for free.

The San Francisco Municipal Transportation Agency was taken for a ride of its own when hackers used ransomware to shut down its ticketing systems and demand payment.

The agency—usually known as Muni—found that around 2,000 of its servers and computers, including many ticket machines, were locked by ransomware over the Thanksgiving weekend. According to the Verge, machines displayed a message that read: "You Hacked, ALL Data Encrypted. Contact For Key(cryptom27@yandex.com)ID:681, Enter.”

Ticket machines were labeled “out of order” over the weekend, and people traveled on the agency’s light rail network for free. A Muni spokesperson told the San Francisco Chronicle that the hack had “no impact to transit service, to our security systems or to our customers’ private information.”

But the incident is still a sign that important city infrastructure is wide open to digital attack.

According the the BBC, the hackers demanded 100 bitcoins—currently around $70,000—for the decryption key. It’s not clear whether or not the transport agency has paid up, though a Bitcoin locker that the Register claims was set up to receive the ransom is empty at this writing.

Ransomware is a simple form of malware: it infects a computer, uses strong encryption to lock down files, and then provides the user with a ransom note demanding money in exchange for a key to unlock the data. It’s lucrative, and it has become more pervasive in recent years. According to Symantec, millions of ransomware attacks are now attempted every day.

Regular users may see their computers infected by rogue websites, images, or videos. It’s not currently clear how the Muni system became infected, and its staff has not released any details, citing an ongoing investigation into the attack.

There have been other notable ransomware attacks in the past, the most worrying of which was a spate of incidents that affected hospitals. In those cases, medical records were rendered inaccessible. One hospital, Hollywood Presbyterian Hospital in Los Angeles, ultimately paid hackers $17,000 to recover its data.

Techniques are available that allow researchers to detect ransomware attacks before it’s too late. But antivirus companies have so far struggled to turn them into tools that work in the real world.

For now, then, individuals and organizations alike must simply follow best security practices to avoid infection and ensure that data is backed up. That way, it doesn’t matter too much if a hacker takes you for a ride.

(Read more: Verge, BBC, The San Francisco Chronicle, “Two Ways to Stop Ransomware in Its Tracks,” “With Hospital Ransomware Infections, the Patients Are at Risk,” “Holding Data Hostage: The Perfect Internet Crime?

Become an MIT Technology Review Insider for in-depth analysis and unparalleled perspective.

Subscribe today
While the city dealt with a ransomware attack, passengers got to ride the Muni for free.
More from Connectivity

What it means to be constantly connected with each other and vast sources of information.

Want more award-winning journalism? Subscribe to Insider Plus.
  • Insider Plus {! insider.prices.plus !}*

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus the digital magazine, extensive archive, ad-free web experience, and discounts to partner offerings and MIT Technology Review events.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Bimonthly print magazine (6 issues per year)

    Bimonthly digital/PDF edition

    Access to the magazine PDF archive—thousands of articles going back to 1899 at your fingertips

    Special interest publications

    Discount to MIT Technology Review events

    Special discounts to select partner offerings

    Ad-free web experience

/3
You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.