San Francisco Hit by Ransomware Attack

By: - November 29, 2016 12:00 am

Damariscotta, Maine, Police Chief Ronald Young’s department was a victim of a ransomware attack. Cybercriminals are preying on government agencies in search of a payoff.

© Getty Images

San Francisco has become the latest city to be targeted by cybercriminals using ransomware, software that hijacks computer systems and holds them hostage until victims pay a ransom or restore the data on their own.

The city’s Municipal Transportation Agency was struck Friday by malware that disrupted some of its computer systems and email. While no customer privacy was compromised and transit services weren’t affected, officials say they turned off ticket machines and fare gates in subway stations until Sunday morning as a precaution.

Transportation officials say they never considered paying the ransom, and that backup systems allowed them to get most of their computers up and running Monday. The rest were expected to be restored within a day or two.

Cybercriminals increasingly are preying on local governments, hospitals and police departments, forcing officials to decide whether to meet the demands or risk losing their data.

Local and state governments were hit by as many as 450 infections a month between October and May, according to Brian Calkin, a vice president of the Multi-State Information Sharing and Analysis Center, a federally funded group that tracks cybersecurity issues.

The infectious software usually gets launched when a computer user unknowingly clicks on an email with an attachment or link to a website. Once it is opened, it gets lodged in the computer system and locks files, encrypting them so they can’t be accessed. The hacker usually gives the victim a certain period to pay ransom —usually a small amount — to unlock it and open their files or risk losing the data.

Many government agencies, especially larger ones, have backup systems that can restore the data without major delays and expense. But recently, they have been seeing new, more sophisticated versions that are harder to protect against.

Our stories may be republished online or in print under Creative Commons license CC BY-NC-ND 4.0. We ask that you edit only for style or to shorten, provide proper attribution and link to our web site. Please see our republishing guidelines for use of photos and graphics.

Jenni Bergal

Jenni Bergal covers transportation, infrastructure and cybersecurity for Stateline. She has been a reporter at Kaiser and the Center for Public Integrity.