Tuesday, November 29, 2016

Hackers Breached San Francisco’s Transit System and Demanded a Ransom

By Henry Grabar

The computer system that serves San Francisco’s Muni was hacked late last week, giving locals tens of thousands of free rides on the nation’s seventh-largest transit system. The ransom, according to correspondence between the San Francisco Examiner and the email address displayed on Muni employees’ hacked computer screens, was 100 Bitcoin, or about $74,000.

By Sunday, station ticket machines were up and running again, but the hackers indicated to Hoodline, a local news site, that they had compromised more than 2,000 computers in the Muni network in addition to agencywide functions like payroll, email, and real-time bus locations. To cope, the transit agency was assigning routes to bus drivers via handwritten notes on bulletin boards, the Examiner reported. It doesn’t appear to have paid the ransom, though $73,000 is a pittance relative to the potential damage.

The ransomware at work appears to be HDD Cryptor, also known as Mamba, which blocks access to compromised computers entirely. Its rapid takeover of Muni demonstrates—again—the extensive vulnerabilities of networked devices and “smart” infrastructure.

Read the rest here.


  1. Let the incompetents eat their incompetence. That's probably the best way to educate regular folks on the stupidity of their government.

  2. Being in the IT field for .. lots of years.... and living in an area heavy with government contracts, I have some knowledge of the quality of IT staff in government. Expect more of this until they hire enough private contractors to clean it up (if they can even manage to do that hiring properly).