Thursday, June 3, 2021

MTA Experiences Security Breach As They Got Hacked Back In April

New York City's transit system was hacked in April. 3,700 employees and contractors had to change their passwords, and no data was hacked or stolen.

NEW YORK, NY - Why, oh why? New York’s subway system was targeted by hackers with links to the Chinese government in April, according to a Metropolitan Transportation Authority (MTA) document reported on by The New York Times. Officials with the MTA said that on April 20, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency issued a joint alert about a zero-day vulnerability, that is, a vulnerability that was not publicly known and for which there were no patches. CISA issued recommendations for fixes and patches, which the MTA implemented by the morning of April 21. The MTA further said it engaged IBM and Mandiant to perform a forensic audit.

Only three of the MTA’s 18 systems were impacted. No employee information was breached, and there is no impact to customers or contractors. Rafail Portnoy, the MTA’s chief technology officer, said in a statement, “Quickly and aggressively responded to this attack bringing on Mandiant, a leading cyber security firm, whose forensic audit found no evidence operational systems were impacted, no employee or customer information breached, no data loss and no changes to our vital systems. Importantly, the MTA’s existing multi-layered security systems worked as designed, preventing spread of the attack and we continue to strengthen these comprehensive systems and remain vigilant as cyber-attacks are a growing global threat.”

Hackers breached multiple agencies by exploiting vulnerabilities in Pulse Connect Secure, a product of IT company Ivanti. CISA said at the time that it had been assisting compromised organizations since March 31. The hack itself was believed to have begun in June 2020 or earlier. Meat-producing group JBS USA was forced to shut down operations after being targeted. The FBI has identified Russian-linked groups REvil and Sodinokibi as being behind that hack. Colonial Pipeline was forced to halt 5,500 miles of pipeline last month after being targeted by criminal ransomware gang DarkSide.

Wow; just wow. So many cyber-security attacks within the span of a month. Why is the United States getting cyber attacked by China and Russia? The Biden Administration better get to work and find those perpetrators who are responsible for breaching our security. This has everything to do with the former guy bowing down to foreign diplomats. Hopefully, everything gets situated this time around and things go well with better security and protection.
