How Hackers Hit San Francisco's Rail System - Dispatch Weekly

November 28, 2016 - Reading time: 5 minutes

San Francisco was the target of a cyberattack that began on November 25 as hackers managed to lock down key parts of the city’s transport network, resulting in free travel for the public the next day.

Purpose of the Public Transport Hack

While residents may have been pleasantly surprised to travel for free, the attack is a modern reminder of the dangers of hacking.

Although the group did not give a name for their organization they demanded a ransom of 100 Bitcoin (around $70,000) according to the BBC.

It is hard to know whether or not the hackers will be getting their ransom, however by November 27 operations at San Francisco transport hubs had returned to normal.

A spokesman, Paul Rose, said that “The incident remains under investigation, so it wouldn’t be appropriate to provide any additional details at this point.”

If the hackers had managed to access sensitive information, such as payroll or log-in information, then it’s possible that repercussions from the hack could be more severe than expected.

Mike Grover, working with Hoodline to investigate the attack, suggested that an IT administrator working for the Municipal Transit Agency may have been duped by an email phishing scam. This might have given the hackers the passwords they needed to easily enter the transport networks computer system.

Previous Public Hack

This February 5 hackers carried out a similar attack on Hollywood Presbyterian Medical Center which knocked out the hospitals electronic communications systems. Medical staff were forced to start using pen and paper instead of computers.

However, unlike the recent attack in San Francisco, the Hollywood Presbyterian opted to pay a ransom of 40 Bitcoin (around $17,000) in order to bring the hack to an end.

A spokesperson at the time was quoted as saying that they paid the ransom, “In the best interest of restoring normal operations.”

Overseas Hacking: 225,000 Ukrainians Left Without Power

In December 2015 parts of Ukraine were left without power in the run-up to Christmas as a result of a massive cyberattack that targeted multiple power companies.

At the time Ukraine’s energy minister suggested that the hack was orchestrated by a Russian group. Tensions between Russia and the Ukraine have been heightened since violence in 2014.

A US report into the attack did not speculate on the likely perpetrators of the hack, but reported that the attack likely occurred ‘following extensive reconnaissance’ of the power companies involved. The report further stated that malware was extensively used in the attack and that effort was taken by the hackers to make restoration of power to the affected regions as difficult as possible.

The Increase of Cybercrime

Photo Credit: statista

According to a 2016 PWC report about cybercrime the frequency of these attacks is only likely to get worse. Cybercrimes increased in 2016 compared to 2015.

A quarter of survey respondents said they had been affected by cybercrime and around 50 organizations reported they had suffered losses exceeding $5,000,000.

Brad Medairy, senior vice president at Booz Allen Hamilton, said “This is a near-term threat that we need awareness about. We need to be prepared.”

There seems to be a very real worry that unless cybercrime is better understood and safeguarded against, incidents such as the hacking that occurred in San Francisco on November 25 could become more frequent.

Is the San Francisco hacking a sign of how easily public transport systems can be targeted by criminals? Should the government do more to protect citizens?

DW Staff

David Lintott is the Editor-in-Chief, leading our team of talented freelance journalists. He specializes in covering culture, sport, and society. Originally from the decaying seaside town of Eastbourne, he attributes his insightful world-weariness to his roots in this unique setting.