They demanded payment of 100 BitCoins to unlock the servers and restore functionality. The railway’s IT staff worked diligently through the weekend to restore at least enough functionality to begin collecting fares again, but the hackers took note, and did not seem amused.
They contacted the railway again, this time with a list of servers they had hacked, which included servers controlling payroll and ticketing information.
It’s possible that the hackers simply copied these names from the list of servers they could see from the ones they actually have access to, and that the breach isn’t as bad as the hackers are making it out to be. This is a fairly common tactic used to extort more money from terrified organizations.
If it is true, however, that the breach could be far worse than was originally feared. The hackers may have access to tens, or even hundreds of thousands of customer accounts containing a variety of personal information.
The group responsible for the attack has promised to dump more than 30 gigs worth of email messages, delivering them to various news outlets if their demands are not met. So far, there has been no official response from the railway.
This is but the latest in a long and growing line of ransomware attacks, which have become the #1 choice of hackers around the world. Unfortunately, based on the trajectory, it doesn’t look like the number will level off or abate any time soon, which makes it more important than ever to ensure that your firm’s digital security is up to the task of keeping something like this from happening to you.
If you’re not confident about that, call us today and a member of our team will be happy to work with you to analyze your risks and devise a plan of attack that will result in greater certainty, and a more robust security system for your firm.