Toronto Subway Systems Suffer Ransomware Attack
Table of Contents
- By David Lukic
- Published: Nov 18, 2021
- Last Updated: Mar 18, 2022
The Toronto Transit Commission (TTC), which oversees the city's public transport system, reported a ransomware cyberattack on Friday, Oct 29. The attack rendered timetable information inaccessible on platforms and apps damaged the organization's email system and forced conductors to rely on radio to communicate.
What was Affected in the Attack?
Following the hack, Toronto's public transportation system began reporting different system problems. Among the systems affected were online services for contacting vehicle operators, information platform displays, apps for planning trips, the TCC’s website, and an online booking portal.
While other services remained unaffected, TTC spokesperson Shabnum Durrani says the assault impacted applications like Rocketman, which gives real-time route information and systems that show arrival details in city subway stations. Customers are now unable to determine when the next transport will arrive.
Although Wheel-Trans, the authority’s online booking system, is also down as a result of the assault, Durrani said that the TTC can still uphold booking requests made before the incident and users may still schedule new trips over the phone.
The attack has also left TTC staff unable to use their internal email messaging system.
How is TTC responding to the attack?
In a statement released on Friday, the TTC acknowledged that it had been the victim of a ransomware attack, noting that its IT staff had noticed unusual network activity and begun an investigation.
TheRide CEO Matt Carpenter said,
“As soon as we became aware of the situation, our team immediately began taking action. We shut down many of our systems, including our real-time bus information and in-office assistance while we assessed the situation.”
The Toronto Transit Commission did not provide a timeframe for when the impacted services will be restored.
What Other Attacks Have Happened to Cities?
This is the third ransomware cyberattack on a major Canadian city's metro system in the last year, according to The Record. In October 2020, Montreal's system was targeted, while Vancouver's was attacked in December 2020.
Other countries have also suffered infrastructure attacks. In July, hackers linked to China targeted New York's Metropolitan Transportation Authority. however, there was no evidence of any malicious or financial motive. In 2016, the Muni system in San Francisco had to cope with a $70,000 demand from digital extortionists.
The Toronto Transit Commission attack and an attack in Ann Arbor, Michigan are the most recent intrusions affecting transit services, with Tronto’s attack happening only days after the hack in Ann Arbor.
