A couple of weeks ago cyber security solutions experts reported a ransomware attack that affected Southeastern Pennsylvania Transportation Authority (SEPTA). Although few details about the incident were revealed at the time, more than 10 days have passed and the infection continues to wreak havoc on the organization.
According to reports, the attack affected their servers, which has diminished SEPTA’s ability to provide real-time transportation information, so they have had to improvise and resort to methods used before technology was here to make our lives easier.
Information system failures have affected passengers, who have limited data on the operating hours of public transport systems in Pennsylvania. In this regard, a SEPTA spokesperson mentions: “In no way do we try to discriminate against users who do not have the ability to access online information systems; real-time schedules will be restored shortly.”
In addition to the users of the local transportation system, the main ones affected are the employees of the organization, who each day embark on a new battle to keep SEPTA operations afloat without the use of business systems, some have even used their personal emails and their own phone numbers in order to work. As if that weren’t enough, they’re still unsure how long the affected systems will be restored, as mentioned by cyber security solutions experts.
While SEPTA has not provided further details about the attack, everything indicates that the damage done to its systems is high, as believed by Michael Levy, a former computer crime investigator in the Office of the Attorney for the Eastern District of Pennsylvania. Among the systems disconnected by SEPTA after the incident are payroll and remote timing, which remain closed until today. “The time that the systems have been offline suggests that the malware may have infected other areas in the SEPTA enterprise network,” Levy says.
Cyber security solutions experts mention that perpetrators of these attacks often access the target system using phishing emails, tricking employees into handing over user credentials or clicking on links that redirect to malicious sites. SEPTA have not yet determined the exact causes of this infection, although the attack on an unsuspecting user is the most likely explanation.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.