Tag Archive for: metro

Hackers demand ransom for stolen Metro data


ST. LOUIS — A hacking group stole confidential data from the St. Louis area’s transportation agency in a cyberattack earlier this month and is threatening to publish it if officials do not pay a ransom.

Neither transportation officials nor the hackers have specified how much data was stolen or how much money is being demanded. The hackers claim they stole information related to the regional transportation system Metro Transit, including passports, Social Security numbers and tax information.

A Metro Transit official said no customer data has been compromised, but the investigation is ongoing.

Brett Callow, an analyst with the New Zealand-based cybersecurity company Emsisoft, shared screenshots with the Post-Dispatch that show the hackers threatening to publish the data if transportation officials don’t pay up. The screenshots were published on an unregulated part of the internet called the dark web, which is often used by hackers to publish ransom threats.

The same hacking group hit several other public agencies over the past year, including the City of Oakland and the San Bernardino Sheriff’s Office in California, and government agencies in the United Kingdom and Germany, security analysts say. The San Bernardino Sheriff’s Office paid the group a $1.1 million ransom.

Metro Transit, the regional transit system operated by Bi-State Development, was first hit by the cyberattack on Oct. 2. Phone and computer services for its paratransit service named Call-A-Ride were still disrupted as late as last week.

The agency took its computer systems offline after the attack, and it has since restored transit operations and secured its financial and payroll systems, said Bi-State President and CEO Taulby Roach.

Roach confirmed the attack included a ransom demand, but he said the agency is still trying to determine if…

Hackers say they’ve published data stolen from St. Louis’ Metro Transit


ST. LOUIS — An anonymous hacker group says it has published data it stole from a regional transportation agency here.

It was not immediately clear what data was published or whether it included sensitive personal information. The hackers earlier this week demanded a ransom be paid or they would release stolen information from the regional transportation system Metro Transit, including passports, Social Security numbers and tax information.

Taulby Roach, the CEO and president of Bi-State Development, which operates Metro Transit, said Thursday the agency did not pay the ransom but did not release more details about the demand.

A union that represents many of Metro Transit’s 1,800 employees said no employees have reported instances of identity theft or other malicious activity stemming from the hack.

Roach said no customer data was stolen, and any impacted employees will be notified.

Employees were told of the data breach earlier this week and offered free credit monitoring through TransUnion, a credit reporting agency.

“We are unaware of any instances where sensitive employee information has been used maliciously,” Roach said in a statement. “However, we encouraged employees to register as soon as possible for the free credit monitoring services and heightened vigilance by our employees for suspicious links or suspicious credit activity.”

Brett Callow, an analyst with the New Zealand-based cybersecurity firm Emsisoft, shared a screenshot with the Post-Dispatch that showed files containing what the hackers claimed late Wednesday was stolen Metro data.

Callow said it’s impossible to know exactly what’s in the files without downloading and viewing them, which he said he wouldn’t do because he sees it as an invasion of privacy.

The screenshot was published on an unregulated part of the internet called the dark web, which hackers often use to publish ransom threats and…

Metro Detroit police departments targeted in ransomware attacks


Multiple Wayne County police agencies were targeted on Friday in a ransomware attack but were able to thwart a data breach thanks to quick actions.

Details of which agencies were impacted by the cyberattack, and when, are still emerging, but Wyandotte Police Lt. Neil Hunter said they noticed a lot of phishing emails this week sent to officers and city workers.

According to Hunter, a records management system that supports several downriver police agencies was hit with malware. Officials are still determining which departments had to deal with the mess, but FOX 2 has learned that servers had to be shut down temporarily to fix the issue.

“(It) made things a little painful for us for a minute, but they were really quick with their response in taking care of the issue. We’re back full running normally,” Hunter said.

The good news is that this was not a data breach. 

“Our IT identified it rather quickly. They took care of the problem before it became a bigger problem,” Hunter said.

Darrin Hanna is a cybersecurity and hardware expert out of Oakland University and says criminals working online can get to secure systems more easily than you think.

“Malware is planted, typically, the simplest way is by sending emails and having you download attachments or clicking on a link that takes you to a website that actually isn’t the website you think it is,” he said.

In the end, it comes down to being vigilant before you click or tap on that email attachment.

“The methods people are using to perform these attacks is evolving and changing at all times. Protecting yourself requires a plan, implementing that, and it also requires continuously changing things,” Hanna said.

Anonymous #OpRussia Reports Metro System Hack, Counter-Disinformation Milestone


The #OpRussia cyber warfare campaign, launched shortly after Russia invaded Ukraine, reported that more than 70 million counter-disinformation messages have been sent to Russians through one tool, while Anonymous and allied hacktivists reported intrusions into the country’s transportation and financial critical infrastructure sectors.

Ghost Security announced Tuesday that it had gained access to IT systems servicing Russia’s metro systems and “found something crazy”: “The controls to the smoke system, the AC (TEMP) in each train (labeled car in attached images), battery system, and much more. Found the full building blueprints with the temp control, we have also found the reports on every train and soon we will be publishing all the data.”

“FOR NOW Please enjoy the fact that we will be fucking with your trains especially the ones entering or exiting Belarus, and entering or exiting Ukraine,” GhostSec said in an open message to metro safety systems provider Metrospetstekhnika. “UPDATES WILL COME ALONG AS WE CONTINUE FUCKING WITH THE METRO.”

Network Battalion 65 continues to use a modified version of the Conti ransomware against Russian entities, announcing Sunday its attack on Petersburg Social Commercial Bank (JSC Bank PSCB). “We’re very thankful that you store so many credentials in Chrome,” NB65 tweeted. “Well done.”

“While you are not the biggest, your strategic importance to the federation is plain to see,” NB65 said in its note to the bank. “Wealthy oligarchs and your government have moved plenty of funds through your services. How do we know, you’re wondering? Because we have all of your transaction records, E-tax records, client data, keys, tokens, databases, and more.” The forthcoming data dump is promised to be about 800GB.

The group told the bank that its environment was “fully encrypted with the ransomware kit created by Russian state actors that was so destructive to the world: Conti. By now you’re also aware that we have modified it, and continue to in order to make it more effective against Russian targets. We’re happy to be a thorn in your side.”

“Federation government: your lack of honor and blatant war crimes have…
