Public Transportation : Encryption Malware’s Latest Target

Anyone who closely follows the happenings of the cybersecurity world is probably well aware that news of late has been dominated by reports of IoT botnet armies. If you’re wondering what happened to ransomware, ponder no more: Encryption malware is still at large in charge as far as cyberthreats go, and shows no signs of being anything but in the coming months.

Public Transportation: The Newest Target

On Black Friday, the world witnessed yet another unprecedented ransomware attack. This time, the victim was San Francisco’s Municipal Transportation Agency. According to Ars Technica, ticketing systems at multiple Muni station booths locked up. Screens displayed a message that read, “You Hacked, ALL Data Encrypted.” Systems used to manage the city’s buses were also taken offline.

The hackers responsible requested a ransom of $73,000. As of this writing, all systems are go; however, it  remains unclear how the issue was remediated, or if a ransom was paid to hackers. What we do know is that the strain of ransomware used provided “” as the contact email address, which has previously been linked to Mamba and HDDCryptor, both of which were discovered in September by cybersecurity researchers.

Interestingly, the event coincided with a study released by cybersecurity firm PhishMe in September, which stated that the transportation sector was more susceptible to clicking on malicious links or downloading malware spread through social engineering schemes. The city of San Francisco is ransomware’s most recent high-profile victim.

The city of San Francisco is ransomware's most recent high-profile victim.

Do You Have a Backup Plan?

Industries ranging from healthcare to utilities to finance and now public transportation have been gouged by ransomware in the past year. In April, the FBI estimated that encryption malware would rake in $1 billion, but we wouldn’t be surprised if it took in much more than that.

For all of these reasons, it’s more important than ever for businesses to have a backup plan that will help them quickly recover from ransomware – and not just for sake of avoiding the ransom. The costs of IT downtime and remediation can add up fast.

Once of the most effective and intuitive ransomware response strategies is to deploy Faronics Deep Freeze. With its patented reboot to restore technology, an end user with limited knowledge of IT systems need only restart machines infected with ransomware to roll back to the configurations that were in place prior to the infection.

As long as hackers are under the impression that they can make money from ransomware, they’ll continue using it. Deploy Faronics Deep Freeze, and you take away their incentive to go after your company.

About The Author

Matt Williams

A self-proclaimed ‘tech geek’, Matt has worked in technology for a decade and divides his time between blogging and working in IT. A huge New York Giants fan, expert on Reboot Restore Technology when not watching football Matt gets his game on playing Call of Duty with his friends and other tech bloggers.

Sign Up For A 30-Day Trial


Deep Freeze Enterprise

Centralized deployment and management as well as a host of configuration options for the Enterprise.

  • This field is for validation purposes and should be left unchanged.

Ready to find out more about Faronics? Let us know how to reach you.

We're here to help you in any way possible.