Everything we know about the TfL cyber attack so far
Transport for London (TfL) has confirmed it’s dealing with an ongoing cyber attack and has called in the National Crime Agency (NCA) and National Cyber Security Centre (NCSC) for help.
“We are currently dealing with an ongoing cyber security incident. At present, there is no evidence that any customer data has been compromised and there has been no impact on TfL services,” the company said in a statement yesterday.
“The security of our systems and customer data is very important to us, and we have taken immediate action to prevent any further access to our systems.”
The organization, which operates most of the transport network in London, including buses and tube trains, says services haven’t been impacted, but hasn’t shared any concrete details on the scale of breach so far.
The incident is reported to have affected backroom systems at its headquarters, with staff asked to work from home as a result of the incident.
Adam Pilton, senior cybersecurity consultant at CyberSmart and former Detective Sergeant investigating cyber crime, suggested that TfL’s changes to its internal systems may indicate that the attacker could still be in TfL’s network.
“TFL have been quick with their communications which is a good thing and they’re currently dealing with an incident of which we don’t know the nature of,” he said.
It’s unclear who might be behind the attack, although there are certain obvious suspects, according to William Wright, CEO of Closed Door Security.
“The big question people will also want to know is who carried out the attack and if it can be attributed to another country, like Russia,” he said.
“TfL was also attacked by Russia last year, so it definitely isn’t out of the realms of possibility. Furthermore, given Russia’s recent uptick in attacks on the West, it wouldn’t be surprising, but it is far too early to speculate.”
In last year’s attack, TfL said that it had been hit by the Russian-speaking Clop ransomware gang in an attack that saw the personal details of around 13,000 people stolen.
TfL customers advised to remain vigilant
Despite TfL claiming no customer data has been compromised in the incident, security experts have warned commuters to remain vigilant if the situation escalates.
Simon Newman, co-founder of Cyber London and International Cyber Expo Advisory Council member, said the integral role that TfL plays within London’s transport infrastructure means customers will “undoubtedly be worried” by the attack.
“Although TfL has been quick to point out that there isn’t any evidence to suggest that customer data has been compromised, details of the incident are still emerging. TfL customers should monitor any suspicious activity on their account and change their password.”
This is a developing story, and will be updated if new details emerge.
Source link