Chinese-Related Hackers Attempt to Catch New York's Subway System Off-Guard
The number of high-profile ransomware attacks continues to surge across the globe, targeting one big industry player after another. The New York subway system had reportedly become subject to a cyberattack on April 20. A group of hackers presumably related to the Chinese authorities exploited a zero-day vulnerability to breach the subway's network system. Although the attack succeeded in infiltrating 3 out of the 18 subway systems, it did not get far enough to compromise any employee, customer, or contractor data thanks to a swiftly provided patch the day after.
The Metropolitan Transportation Authority's intrusion took place shortly before the more recent ransomware attack that hit the monumental Colonial Pipeline. Security researchers believe that DarkSide, the cybergang associated with those attacks, may have got some support from the Chinese government.
Table of Contents
Swift Reaction Prevented Damages
Although the zero-day vulnerability exploited by the hackers raised a lot of concern, officials at the Metropolitan Transportation Authority (M.T.A.) insisted that their security systems did succeed in neutralizing the attack before it even unfolded. A forensic audit by a cybersecurity firm reportedly found no evidence of any potential breaches. However, this audit could neither confirm nor reject whether the hackers got access to the data or not.
CISA Is There to Help
The U.S. Cybersecurity Infrastructure Agency (CISA) has played an active role in helping agencies that have recently fallen victim to various ransomware and other cyber-attacks. What is more, the agency has made it clear that the attempt against the M.T.A is by no means an isolated case. As it is, high-profile cyberattacks are becoming a global trend that shows no signs of slowing down any time soon, posing tough challenges to network security companies in their quest to fight back.
No Ransom Demanded This Time
The M.T.A. reportedly did not have to pay any ransom because the crooks did not want one. This tactic is not typical of conventional ransomware actors, which leads security analysts to suggest the attack may merely serve as a means to wreak havoc rather than destroy entire industries. Still, such intrusions do cause significant damage when considering the dire consequences for organizations and institutions that have already had their systems breached.