What seemed like a Black Friday hack has revealed extortionists demanding bitcoin ransom. Last weekend, San Francisco public transit fare systems began to refuse commuters’ money. The hacker demanded 100 bitcoin from SFMTA to put its payment systems back in place to undo the revenue loss.
San Francisco Municipal Transportation Agency (SFMTA) refused to honor the ransom. Instead, it opened the gates to allow millions of commuters to commute for free to minimize disruption. By the following Monday, SFMTA’s business was back to normal. However, it is still unknown how the system got back up.
Damage from the Black Friday Hack
SFMTA lost approximately $559,000 in revenue each day of the Black Friday hack. Additionally, the ransom would have cost approximately $73,000. Such attacks are prevalent in this technologically advanced age — especially at organizations where IT security is not upgraded to keep up with hackers’ technology.
Extortionists can easily hack into outdated systems to encrypt them. The hacker then demands a ransom to have encryption unlocked — and even then, decryption does not come with a guarantee.
According to The Verge, who contacted the hacker, the hacker has confirmed he was seeking a deal with SFMTA to undo the damage.
“… our software working completely automatically and we don’t have targeted attack to anywhere…”
As well as the hacked payment systems, employees’ laptops, email and printed services, payroll systems, and SQL databases were also compromised. In a terse statement, SFMTA said it had regained control of the payment system, while the rest is still under the hacker’s control.
The damage could have resulted in far more devastating results if the hacker had used his access to threaten the operational safety of transit services such as the train system and buses. The statement cited an ongoing investigation of the incident as the reason for not releasing more details.
Preventing and Managing Risks
Organizations should have policy and procedures in place for cyber attacks, to manage risk and control damage. With that said, investments in the upgrade of IT security would have likely prevented such losses.
Bitcoin alone does not give opportunities to hackers for extortion. Sufficient IT knowledge and investment are some of the key factors in this time and age to prevent exploitation of IT infrastructures.
To end on a lighter note: the Black Friday hack might have actually boosted the US economy on a Black Friday sales weekend, with all those extra free-riding travelers out spending money.
Share with us your thoughts about the Black Friday hack.
Image Credit: SFMTA, PYMNTS, Shutterstock
Bitcoin.com is the most unique online destination in the bitcoin universe. Buying bitcoin? Do it here. Want to speak your mind to other bitcoin users? Our forum is always open and censorship-free. Like to gamble? We even have a casino.