Free rides on Thanksgiving day? Ransomware hacks San Francisco’s transport system

As ransomware remains to be a hot topic in the cyber space, it is steadily transcending into the real world. Last weekend, the passengers of San Francisco railway system (MUNI) have experienced the primary effects of ransomware attack – due to systems hacked by Mamba ransomware, they were granted free rides. Though such incident did not result in any major losses or severe outcomes, the penetration of virtual viruses into the reality is becoming a worrying matter.

The residents of San Francisco were first surprised by getting an opportunity to ride with Municipal Railways for free on Black Friday. While the ticket machines were showing signs of “out of service” and “free ride”, all 2 000 linked systems were shut down displaying: “You Hacked, ALL Data Encrypted. Contact For Key(cryptom27@yandex.com)ID:681 ,Enter.“ The swindlers demanded 100 BTC (approximately 73 000 USD) in exchange for the system recovery, but there is no information whether the MUNI paid the money or not. Experts speculate that this virus is the variation of HDDCryptor. However, as we have already mentioned, HDDcryptor comprises only one part of a bigger ransomware campaign known as Mamba. The traces lead to the Californian ransomware group calling themselves Andy Saolis. It is not known whether the hijack was terminated by the hackers themselves on Sunday afternoon or it was the accomplishment of IT security specialists.

This time ordinary people might have benefitted from the cyber criminals’ protest against a certain company, however, this act raises many unanswered questions and worries. If swindlers are capable of accessing such vital systems, what would happen if they paralyzed the flow of electricity in a city, region or entire state? As computer systems do not only monitor bank operations, public services, and entertainment, but such vital spheres, as hospitals and transport as well, new opportunities for hackers appear each day. The kind of cyber attack highly depends on racketeers’ conscience. While some ransomware developers do not hold down and attack hospitals, which results in the cancellation of hundreds of medical operations, others tend to manifest their cyber skills differently. Such cases of cyber hactivism must not be ignored before both, the virtual and real world, encounter monstrous after-effects.