Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label TfL. Show all posts

London's Transit System Suffers Through Prolonged Cyberattack; Data Security a Concern







Transport for London, the governmental body tasked with running the capital's transit system, is battling a cyberattack that has stretched into a second week. The backbone of the transit operations remains intact and fully functional; however, many of TfL's online services and digital customer platforms are still down, an indicator of the severity of the situation.

TfL Confirms Ongoing Cyber Incident 

An update was published on the website of TfL on October 14th with regard to the cyber incident. It confirmed that a cyber incident was "still being worked on." This came to replace its previous statement that there is "no evidence" the customer data has been breached. Now it is worded as "working to secure our systems and your data", which sends menaces of data breaches.

The uncertainty about whether or not customer data is safe has grown since TfL took back the earlier assertion of no compromise of data. To explain whether they have the technical capability-including log analysis-to determine if customer or employee data has been stolen or exfiltrated during the attack, TechCrunch reached out to TfL. However, TfL spokesperson Thomas Canning dodged these questions. Although TfL confirmed the update to the website, it is not known if the attackers have accessed any kind of information related to customers or employees.

Customer Concerns and Impact on Digital Services

While the cyberattack did not directly impact the transit system, the extended unavailability of online services has caused a great deal of inconvenience to users. Many key digital capabilities remain unavailable, and there is concern about possible long-term impacts on the way customers interact with the transit agency. In fact, TfL has successfully reassured the public that their top priority now is the resolution of this issue and protection of their digital infrastructure against such incidents in the future.

What's in Store for TfL?

Since the cyber-attack is continuous, questions such as the extent of the breach and whether sensitive data has been pilfered are left unanswered. While TfL tries to suppress the situation, until the full breadth of the incident is clarified, a likelihood exists that public trust in protection against leakages of personal data will be put on the agenda.

This indicates the nature of the risk that public organisations face when confronted with sophisticated cyber threats and how such occurrences can be better avoided in the future through more effective cybersecurity measures.

Preventative Measures and Security Focus

This will perhaps shape future policy at TfL around cybersecurity issues, with better protection for customer data and not allowing such an attack to take place in the future. While recuperation of affected digital services takes place, any perceived opacity or lack of clear communication about what happened may hamper efforts to restore confidence in the security of customers' personal information.

This is a still-ongoing incident that serves as a good reminder that organisations all over the world should be very aware and proactive with respect to cybersecurity, constantly reevaluating defenses to minimise the threat, which always seems to be growing.





TFL Hit by Cyberattack, Leaving Disabled Riders Stranded


 

Transport for London (TfL) recently confirmed that disabled passengers are the first group to feel the effects of a cyberattack that has hit their systems. This incident has severely impacted the Dial-a-Ride service, a specialised transport service designed for wheelchair users and individuals with long-term disabilities, leaving many unable to book their necessary door-to-door journeys.

TfL, the organisation responsible for managing London’s public transport network, initially acknowledged a cyber incident on September 2. In their first public statement, TfL reassured customers that no personal data had been compromised, and transport services across the network were unaffected. However, in the days following, it became clear that the cyberattack has caused more disruption than initially reported, particularly for disabled passengers who rely heavily on the Dial-a-Ride service.

The Dial-a-Ride service, which offers free transport for disabled passengers, was forced to suspend new bookings due to the ongoing cybersecurity incident. A recent update from TfL confirmed that the system is unable to process any new journey requests, inconveniencing those who depend on this service for mobility. In addition to suspending bookings, TfL also reported that many staff members operating the service have limited access to critical systems, making it difficult for them to respond to user inquiries or manage ongoing services efficiently.

For many disabled residents, Dial-a-Ride is a crucial service for daily travel. Without it, those with limited mobility are left without a reliable option to get around the city, exacerbating the challenges they already face in navigating public transportation.

Ransomware Likely Cause of the Attack

Although the full details of the cyberattack have not yet been disclosed, cybersecurity experts believe it may be a ransomware attack, a type of cybercrime where systems are locked down by hackers who demand payment in exchange for restoring access. The limited system access reported by TfL employees suggests that hackers may have taken control of essential systems, preventing the organisation from operating key services like Dial-a-Ride.

Mark Robertson, an expert from Acumen Cyber, noted that the involvement of Dial-a-Ride indicates the attack may be more serious than originally thought. He emphasised that being locked out of key systems is a common effect of ransomware, further hinting at the nature of the incident. However, he commended TfL for its incident response efforts, which have helped to manage the crisis and minimise further damage.

Despite the disruption, there has been some good news for Dial-a-Ride users. Following internal recovery measures, TfL announced that essential booking requests are now being accepted once again. Though services remain limited, there is optimism that the situation will continue to improve as the day progresses. 

As TfL continues to address the issue, it serves as a reminder that cyberattacks can have far-reaching impacts, particularly on vulnerable populations such as disabled individuals who rely on services like Dial-a-Ride for their daily mobility needs. TfL’s handling of this situation will likely set an example for other organisations on how to manage similar incidents in the future. 

There is a pressing need for both strong cyber defences and detailed response plans to minimise the fallout from these types of attacks.


Transport for London Faces Ongoing Cyber Security Incident, Works to Safeguard Systems and Data

 

Transport for London (TfL), which oversees much of the public transport network in England's capital, is dealing with an ongoing "cyber security incident." 

The organization confirmed the situation yesterday, stating: "We are currently dealing with an ongoing cyber security incident. The security of our systems and customer data is very important to us, and we have taken immediate action to prevent any further access to our systems."

TfL is collaborating closely with relevant government agencies to address the attack and has promised to provide updates as the situation progresses.

In a statement to The Register, TfL's Chief Technology Officer, Shashi Verma, said: "We have introduced a number of measures to our internal systems to deal with an ongoing cyber security incident. Although we'll need to complete our full assessment, at present, there is currently no evidence that any customer data has been compromised. There is currently no impact to TfL services and we are working closely with the National Crime Agency and the National Cyber Security Centre to respond to the incident."

A spokesperson from the National Cyber Security Centre (NCSC) added: "We are working with Transport for London, alongside law enforcement partners, to fully understand the impact of an incident."

Reports indicate that backroom systems at TfL's corporate headquarters have been affected, prompting staff to work from home where possible. Andrew Brown, managing director and co-owner of software developer Propel Tech, noted that the targeting of backroom systems exposes vulnerabilities that could have severe consequences. He warned that a successful breach could disrupt services, potentially bringing London to a standstill, and could result in significant data breaches.

Brown also highlighted that the decision to have employees work remotely suggests there is still significant work to be done to resolve the issue. Notably, the sign-in page for Oyster and Contactless payments on the TfL network has been taken offline for maintenance, coinciding with the ongoing incident.