San Franciscans just got an all-too-real demonstration of what it’s like when hackers attack urban infrastructure. The city’s Municipal Transportation Agency has confirmed that the Muni station computer system was hacked, leading officials to open fare gates, shut down ticket kiosks and otherwise make rides free on November 26th. Trains themselves were unaffected, and payments resumed on the morning of the 27th. It’s not certain exactly who was responsible (besides “Andy Saolis,” likely a pseudonym), but Hoodline understands that the intruders were using ransomware to hold the city hostage until it paid the equivalent of $73,000 in bitcoin. Screens at terminals said “you hacked, ALL data encrypted” and pointed the city to a Russian email address to arrange payment.
Tipsters speaking to CBS claim that the hack had been around for “days,” and that it affected employees. Hoodline expands on this and claims that the attack compromised database servers, email, training and even payroll systems. “Only” a quarter of SFMTA’s computers (2,112 of 8,656) fell victim, but that was enough to prompt the emergency shutdown. The agency might not have had to give in to the ransom demands, at any rate. While officials haven’t confirmed anything, Hoodline understands that the backup servers were likely safe. The biggest concern is that Muni may have lost days’ worth of information if there was no recent backup.
It’s possible that the attackers got in through a phishing scheme, where an employee was tricked into installing rogue code through deceptive email or websites, but that’s not certain at this early stage.
The evidence suggests this is more likely to be a classic instance of cybercrime instead of a state-sponsored act. After all, San Francisco’s train station is a tempting target with both money and a strong incentive to recover its systems as quickly as possible. Whoever’s responsible, the act is a reminder that a lot of America’s critical infrastructure remains vulnerable. It also cuts a little too close to the bone for gamers — Ubisoft just released Watch Dogs 2, where activist hackers exploit San Francisco’s information grid to further their (considerably nobler) causes. Watch Dogs’ tendency to eerily mirror reality remains intact.