Ransomware Attack on SF Metro Puts Bitcoin in Bad Light

After the latest ransomware attack, the popular quote “Guns don’t kill people, People kill people” should be adapted to “Bitcoin doesn’t hack computers, People hack computers”. This time, the target was San Francisco Municipal Railways, better known as Muni.

According to reports, the ransomware attack involving a variant of HDDCryptor malicious software crippled the busy urban transportation system earlier on Saturday. The Ransomware infection spread to over 2000 systems, causing the ticketing systems to crash. Hackers responsible for the attack have demanded a ransom of 100 bitcoins, roughly $73000 to decrypt the scrambled hard disks. The attack on Muni during the busy Thanksgiving weekend forced the operator to allow free travel on the underground rail and bus network.

The ransomware is suspected to have entered the network after one of the unsuspecting employees downloaded a compromised email attachment. Upon entering the system, the malware spread across the Muni computer network comprising of over 8500 systems. The infected systems include office admin desktops, CAD workstations, email and print servers, employee laptops, payroll systems, SQL databases, ticketing machines, lost and found property terminals and more.

Commuters attempting to buy tickets at the kiosk were welcomed by a message saying,

“You Hacked, ALL Data Encrypted. Contact For Key ([email protected] (mailto:[email protected]))ID:601 , Enter Key:”

The incident is currently under investigation and there is no information about whether the San Francisco municipality intends to pay the ransom or not. However, this incident draws unwanted attention towards Bitcoin, the popular cryptocurrency.  The digital currency has been favored by many hackers and cybercriminals due to its ease of use and the pseudonymous nature of transactions. These incidents involving Bitcoin and widespread media coverage puts Bitcoin in bad light. The cryptocurrency has been instrumental in changing the face of today’s technology. It has provided a way to offer financial services at a much lesser cost with greater efficiency. The advantage of Bitcoin also comes with a cost to the governments — decentralization the existing monetary system, taking away control from governments and putting it back into the public’s hands. Governments capitalize on these negative incidents to introduce restrictions meant to make life harder for legitimate crypto-businesses and platforms.

The current infection seems to have targeted Muni systems running on Windows operating system. In order to recover the encrypted machines, the operator will have to enter a decryption key, available with the creator/distributor of the ransomware.

Many huge businesses, banks, hospitals and even police stations have been victims of ransomware attacks in the past. This is probably the first time someone has targeted the mass transit system in an attempt to throw the general public’s life out of gear.

Ref and Image: The Register UK