East Bay Times: Security analysts: Muni hack should be wake-up call to other agencies

November 28, 2016 — Security analysts: Muni hack should be wake-up call to other agencies

Robert Capps, the vice president of business development for NuData comments on this article covering the recent Muni hack.

SAN FRANCISCO — Long the scourge of personal computers and small businesses, ransomware — like the virus that struck San Francisco Muni’s computer systems over the weekend — is becoming increasingly common among large corporations and public agencies are no exception, digital security analysts said.

Muni reponded by giving free light-rail rides from Friday until 9 a.m. Sunday. The computer viruses, which lock users out of their own data until they agree to pay a ransom, can hit a company’s bottom line but aren’t likely a threat to public safety, experts said. That’s because most transit agencies keep critical systems that control trains offline and separate those systems from the networks employees use to access email or perform regular work, said Robert Capps, the vice president of business development for NuData Security, a digital security firm.

Muni riders in San Francisco were not at risk, and the hackers did not access data or breach payment systems during the attack that affected around 900 computer workstations on Friday, said Paul Rose, a spokesman for the SFMTA. As a precautionary measure, Cubic Transportation Systems, the company that operates Clipper cards, shut down the payment kiosks to prevent the malware from spreading, said Randy Rentschler, a spokesman for the Metropolitan Transportation Commission, which contracts with Cubic.

For the complete article, go here.