China hacked into MTA but failed to control New York subway: Ransomware cripples Martha’s Vineyard ferry
New York City’s transit system was hacked by Chinese agents in April, it emerged Wednesday, when a ferry company carrying passengers to Martha’s Vineyard and Nantucket confirmed that they too had been targeted by hackers.
The Metropolitan Transportation Authority (MTA) discovered that their computer systems could be accessed, but the hackers were unable to access systems that control train cars, The New York Times reported, citing an internal MTA investigation.
Transit officials said riders were never at risk and they don’t believe passenger or employee data has been compromised.
On Wednesday, it emerged that New York City’s Metropolitan Transportation Authority (MTA) was attacked by Chinese hackers in April. The MTA said no passengers were at risk and no data was stolen, but analysts are concerned about the news — the third hack of the MTA by a foreign agent in recent years, according to The New York Times.
But the attack in New York showed once again how vulnerable the United States’ infrastructure is to cyberattacks.
On Tuesday, the world’s largest meat processor was forced to close all nine beef plants in the United States, also affecting many of its pork and poultry plants.
Last month, a ransomware attack on Colonial Pipeline, which transports gas to nearly half of the East Coast, caused gas and jet fuel shortages and panic buying.
And on Wednesday, the Steamship Authority, which operates ferries between mainland Massachusetts and the popular vacation islands of Martha’s Vineyard and Nantucket, said they too had been hacked.
The website was still down on Wednesday evening and passengers were told to expect delays.
A view of a Steamship Authority ferry approaching Nantucket Terminal on April 25, 2020. The company was hacked on Wednesday, they said.
They were encouraged to use cash to purchase tickets, and are currently unable to book tickets or change vehicle reservations online or over the phone.
Ticketing processes will likely continue to be affected on Thursday.
“The Woods Hole, Martha’s Vineyard and Nantucket Steamship Authority have been the target of a ransomware attack since Wednesday morning,” the Steamship Authority said in a statement. “As a result, customers traveling with us today may experience delays.”
Wednesday at 5:30 p.m., they tweeted: “The Steamship Authority continues to work internally with our team, as well as local, state and federal officials externally, to address today’s ransomware incident.
“At this time, we cannot release or confirm any specific details about what happened.”
The company has not disclosed whether they have paid any ransom.
Cars are loaded onto the Steamship Authority ferry in Woods Hole, Massachusetts. The ferry is a lifeline for those living on Nantucket and Martha’s Vineyard as it is the only way to get cars to and from the islands
The operators of the Colonial Pipeline have confirmed that they have paid $4.4 million to the Russian Dark Side hackers to resume their vital operations.
The New York hack is just the latest attack on US transit systems
A survey last year by the Mineta Transportation Institute, cited by The New York Times, found that only 60 percent of transit authorities had a cybersecurity plan in place.
They seemed naive about the risks: more than 80 percent believed they were prepared to face cybersecurity threats.
“Many transit agencies don’t have chief security officers, let alone cybersecurity officers,” said Scott Belcher, a transportation technology consultant who led the study.
In 2016, the San Francisco Municipal Transportation Agency was hacked, disrupting ticket systems and forcing the agency to provide free service for three days.
In 2019, the transportation agency in Fort Worth, Texas, lost access to its IT systems, data and customer support.
And in October, a ransomware attack disrupted the operations of the Philadelphia transit authority for months after the agency was forced to block employees from accessing their email and stopped providing real-time travel information to passengers.
The Sacramento transit agency and the state transportation department in Colorado have also been hit by cyberattacks in recent years.
New York’s system — the largest in North America — appears particularly vulnerable, having been breached by foreign agents three times in recent years, The New York Times reported.
New York’s transit system is the largest in North America. But it is vulnerable to cyber attacks, as happened in April and has happened twice before
Hackers specifically gained access to systems used by New York City Transit, which oversees the subway and buses.
They also had access to the Long Island Rail Road and Metro-North Railroad, endangering three of the transit authority’s 18 computer systems.
The hackers appeared to have gained access through remote working systems used as staff logging in at home.
The MTA required 3,700 employees and contractors, who represent five percent of the workforce, to change passwords as a precaution, the carrier said.
Several theories have been put forward as to why Beijing might want to hack New York’s public transportation system.
One idea is that China wanted to learn more about New York’s systems as they try to make headway in the industry that provides parts and carriages for the service.
Another idea is that while fishing, China inadvertently gained access to the system and realized there was little interest.
Some see the hack as China flexing its muscles and showing off its abilities.
“The MTA’s existing multi-layered security systems worked as designed, preventing the attack from spreading,” said Rafail Portnoy, MTA’s chief technology officer.
“We continue to strengthen these comprehensive systems and remain vigilant as cyber-attacks are a growing global threat.”