Hackers allegedly breach New York transit authority systems amid wave of cyberattacks, media point finger at China

The MTA confirmed the attack on Wednesday, saying the breach involved three of the agency’s 18 computer systems and that it was alerted to the incident in April by the FBI and other federal agencies. In its report on the cyberattack earlier on Wednesday, the New York Times said the breach appeared to be carried out by a group of hackers “believed to be backed by the Chinese government,” citing cybersecurity firm FireEye.

The transportation authority’s own statement made no mention of potential ties between the hackers and Beijing, however. 

The hackers, who allegedly also breached the systems of dozens of government agencies and companies in April, made no financial demands following the MTA hack. 

The transit operator “quickly and aggressively responded to this attack,” MTA’s chief technology officer Rafail Portnoy said in a statement. An investigation showed that operational systems weren’t affected, and no employee or customer data was accessed.

“The MTA’s existing multi-layered security systems worked as designed, preventing spread of the attack, and we continue to strengthen these comprehensive systems and remain vigilant, as cyberattacks are a growing global threat,” the CTO added.

While the MTA hack didn’t disrupt service, two high-profile ransomware attacks in the past month have temporarily shut down critical US infrastructure. Colonial Pipeline, the largest US transporter of refined fuels, was forced to temporarily halt shipments after a major cyber breach last month, leading to gasoline shortages across states in the southeast. JBS, the world’s biggest meatpacker, was also forced to idle nine beef plants when it was hit by a similar attack earlier this week.

The Joe Biden administration pinned the Colonial and JBS breaches on “cybercriminals in Russia,” though presented little evidence to support the claim. On Tuesday, White House spokesperson Karine Jean-Pierre said that Washington has been talking to the Russian government about the JBS hack, warning Moscow against becoming a safe haven for “ransomware criminals.”

The latest breach at the MTA marks the third foreign government-supported cyberattack on the agency in recent years, transit officials told the Times.

Think your friends would be interested? Share this story!

© 2021, paradox. All rights reserved.