After the latest ransomware attack, the popular quote “Guns don’t kill people, People kill people” should be adapted to “Bitcoin doesn’t hack computers, People hack computers”. This time, the target was San Francisco Municipal Railways, better known as Muni.
According to reports, the ransomware attack involving a variant of HDDCryptor malicious software crippled the busy urban transportation system earlier on Saturday. The Ransomware infection spread to over 2000 systems, causing the ticketing systems to crash. Hackers responsible for the attack have demanded a ransom of 100 bitcoins, roughly $73000 to decrypt the scrambled hard disks. The attack on Muni during the busy Thanksgiving weekend forced the operator to allow free travel on the underground rail and bus network.
The ransomware is suspected to have entered the network after one of the unsuspecting employees downloaded a compromised email attachment. Upon entering the system, the malware spread across the Muni computer network comprising of over 8500 systems. The infected systems include office admin desktops, CAD workstations, email and print servers, employee laptops, payroll systems, SQL databases, ticketing machines, lost and found property terminals and more.
Commuters attempting to buy tickets at the kiosk were welcomed by a message saying,
“You Hacked, ALL Data