A recent cyberattack suffered by San Francisco’s light-rail system has caused a co-founding member of the Senate Cybersecurity Caucus to question whether the nation’s capital could sustain a similar assault.
Sen. Mark Warner, Virginia Democrat, raised his concerns in a letter sent to the general manager of the Washington Metropolitan Area Transit Authority on Monday amid reports of high-profile systems being seized by ransomware — a type of malicious software the FBI has attributed with causing tens of millions of dollars in losses each month since 2015 when it began being successfully deployed by hackers at an unprecedented degree against targets including schools, police stations and at least one major transit system.
The San Francisco Municipal Transportation Agency (SFMTA) ultimately let passengers ride for free Thanksgiving weekend after a ransomware infection hindered access to hundreds of agency computers. As with similar ransomware incidents, the individual who took responsibility claimed to have encrypted the contents of the infected computers, and initially demanded roughly $73,000 in Bitcoin in exchange for relinquishing the hack data and restoring access to the systems.
The agency said it declined to pay, and instead reportedly accumulated nearly $50,000 in losses by suspending fare while it identified a way to response to the hack.
Besides the certain monetary loss, though, Mr. Warner said he fears a similar attack against the D.C. region’s Metro transit system could cause other result in “grave and far reaching” repercussions.
“While early reports indicate that the attack on SFMTA may have been opportunistic rather than targeted, I am concerned that WMATA may represent a particularly enticing target for more advanced threats, given its importance to the region and the number of federal agencies that rely on the system to transport their workforces each day,” Mr. Warner wrote.
“Should a cyberattack cripple WMATA’s ability to collect fares for days at a time, or have the effect of deterring alarmed riders, the financial implications would only exacerbate WMATA’s serious and mounting fiscal problems,” he said. “A cyberattack could potentially threaten these vital networks as well, putting riders at risk if an accident or emergency were to occur during a cyberattack.”
About 868,000 passengers rode the D.C. Metro on a daily basis during the second quarter of 2016, making it the most popular system of its kind in the country second only to New York’s. The system’s physical safety has nonetheless been repeatedly called into question, however, particularly after a passenger died inside a smoke-filled subway car two years ago this week.
In order to ensure Metro’s computers are up to snuff, Mr. Warner has asked the agency to provide details with respect to its IT systems and any contingency plans it may have in the event of a potential cyberattack waged at city transit. A statement from his office says he expects Metro to respond to each of his seven cybersecurity questions and other issues addressed in Monday’s letter by February 15.
Metro has received the senator’s letter and will provide a timely response, a spokesperson for the agency told The Washington Post this week.
The frequency of ransomware attacks has spiked from about 1,000 attacks per day in 2015 to over 4,000 daily in the first quarter of 2016, according to Mr. Warner. Taking into consideration the entire calendar year, the FBI expects extortionists will have generated $1 billion in digital ransom payments during 2016, NBC News reported this week.
The Los Angeles Community College District recently paid nearly $30,000 to regain access to computer systems affected by a ransomware infection discovered on the first day of classes, educators said this week.
• Andrew Blake can be reached at ablake@washingtontimes.com.
Please read our comment policy before commenting.