Anyone who closely follows the happenings of the cybersecurity world is probably well aware that news of late has been dominated by reports of IoT botnet armies. If you’re wondering what happened to ransomware, ponder no more: Encryption malware is still at large in charge as far as cyberthreats go, and shows no signs of being anything but in the coming months.
Public Transportation: The Newest Target
On Black Friday, the world witnessed yet another unprecedented ransomware attack. This time, the victim was San Francisco’s Municipal Transportation Agency. According to Ars Technica, ticketing systems at multiple Muni station booths locked up. Screens displayed a message that read, “You Hacked, ALL Data Encrypted.” Systems used to manage the city’s buses were also taken offline.
The hackers responsible requested a ransom of $73,000. As of this writing, all systems are go; however, it remains unclear how the issue was remediated, or if a ransom was paid to hackers. What we do know is that the strain of ransomware used provided “email@example.com” as the contact email address, which has previously been linked to Mamba and HDDCryptor, both of which were discovered in September by cybersecurity researchers.
Interestingly, the event coincided with a study released by cybersecurity firm PhishMe in September, which stated that the transportation sector was more susceptible to clicking on malicious links or downloading malware spread through social engineering schemes. The city of San Francisco is ransomware’s most recent high-profile victim.