The San Francisco Municipal Transportation System was the victim of a dedicated hacking attack that rendered the Metro Light Rail System free for all users. The service was hijacked yesterday, sources report, and held for ransom. The rail system is back to normal.
Worker’s machines at the stations started displaying the message “You hacked,” and ticket machines stopped working. The incident took place yesterday. The Muni rail decided to open all fare gates as a way to avoid the problem from affecting customers.
This particular instance raises questions about the government’s capability to withstand, counter, and prevent large-scale hacking attacks on public institutions.
Governmental organizations in the United States might be lacking in the cyber security department
Today 'You hacked' lit?up #MUNI?screens across #SanFrancisco! Fares were FREE?https://t.co/crmL4kMysp #IoT #gamedev pic.twitter.com/ZUnU1mf6fn
— sØurc€cØd€(8Ø8)€rrØr (@s0urc3c0d3err0r) November 27, 2016
Since the October Dyn breach, the massive hacking that took down hundreds of websites throughout the nation temporarily, many cybersecurity researchers have questioned whether America is ready to counter these types of threats.
The Dyn attack was apparently the work of Anonymous and the New World Hackers (NWH), who claimed responsibility shortly after it went public. It is important to ponder about what could happen if a hack came not from an independent perpetrator but a rivaling government, for example.
Another good illustration of vulnerability, this time on a more personal scale, came from the repeated phishing attacks that went wild shortly after the elections. Hillary Clinton and her campaign staff also suffered similar cybersecurity breaches.
There is no current infrastructure or cyber defense organization in place
The Pentagon has a Cyber Command which, in theory, would be responsible for defending the nation against possible digital threats. However, it seems that it would fall short in the event of an actual governmental breach.
America’s turn towards cyber-proofing itself would require some legislations and international regulations that have not been discussed or even invented, in some cases.
Most legal procedures today seemingly point towards allowing the state to pursue domestic threats, but not to protect it when actual incidents start to happen.
Hackers are holding San Francisco's light-rail system for ransom #infosec #MUNI #Ransomware https://t.co/8Y1s7nF3tU
— Cisco_East (@Cisco_East) November 28, 2016
Security experts currently consider a possible ‘cyber-9/11’ to be unstoppable under today’s circumstances. Earlier this year, in March, the Justice Department investigated a group of seven Iranians for tapping into the control room of a dam in the state of New York.
What’s Donald Trump stance on cyber security?
The current President-elect, Donald Trump, has consistently warned against possible cyber attacks and the internet’s role in ISIS’ recruitment of youngsters, among other things.
He has reiterated the necessity for better infrastructure and harsh measures that could include ‘closing’ some parts of the internet.
Of course, Trump’s comments spark a sense of suspicion among readers, who claim it is only a rhetorical device for him to bring more censorship to the table and hinder the rights of minorities, more specifically American Muslims.
Moreover, he has said several times in the past China has been using cyber warfare against the United States for a long time.
Hillary Clinton, on the other hand, has also stated her concern regarding this topic, but she has repeatedly named Russia as the supposed cyber-perpetrator.
She accused Russia’s President, Vladimir Putin, of using hackers to conduct attacks into administrative files, and the DNC.
Source: Wall Street Journal / The Verge