The M.T.A. Is Breached by Hackers as Cyberattacks Surge
Hackers allegedly working for the Chinese government hacked into the computer system of the Metropolitan Transportation Authority (MTA), a US transportation company that operates 12 counties in southwestern New York and two counties in southwestern Connecticut.
According to The New York Times, the hackers did not gain access to the train control systems and the safety of passengers was not compromised.
The attack took place in April this year – at the same time, the US federal government reported that five government organizations were hacked by foreign hackers through a VPN service.
Attackers exploited a zero-day vulnerability in Pulse Connect Secure gateways ( CVE-2021-22893 ).
According to experts of the information security company FireEye, at least two hacker groups exploited the vulnerability to attack defence, government and financial organizations in the United States and other countries.
A week after the MTA became aware of the incident, officials speculated that the hackers could continue to infiltrate the company’s computer networks through a backdoor. However, according to representatives of the Metropolitan Transportation Authority, the analysis of the attack did not reveal any evidence of further infiltration, and the personal information of the company’s customers was not compromised.
The MTA reported the incident to law enforcement and other government agencies but did not publicly disclose it.
The hackers who attacked the Metropolitan Transportation Authority did not pursue financial gain, did not use ransomware and did not demand ransom.
The attack on the company was carried out as part of a large-scale cyber operation carried out by hackers allegedly working for the Chinese government.
The reason why hackers became interested in MTA is not known for certain, but experts put forward several versions.
First, they might have targeted important information about the operation of transport systems that would allow China to have a dominant position in the rail transport market. Secondly, hackers could have hacked into MTA systems by mistake, and when they got inside, they could see that there was nothing of interest to them.
According to experts, this happens quite often.
Catch up on more articles here
Follow us on Twitter here