Bay Area Rapid Transit (BART)

History

2023: Cyberattack collapse by ransomware virus

On January 6, 2023, the Vice Society cybercriminal group announced the hacking of the Bay Area Rapid Transit (BART) computer infrastructure, one of the largest high-speed electric train systems in the United States.

A transport operator whose lines are located in the San Francisco Bay Area is attacked by a ransomware program. It is noted that the attackers had at their disposal a large amount of confidential data. These are, in particular, a list of key employees, reports from the forensic laboratory and the police, reports on alleged child abuse, information on checks for illegal substances, etc. The information, much of which appears to be related to the activities of the transport agency's police department, was posted on the leak site, which is controlled by the Vice Society.

Bay Area Rapid Transit attacked by ransomware virus

We are examining the published data. No BART services or internal business systems were affected. As with other government agencies, we are taking all necessary precautions, "said Alicia Trost, director of public relations for the high-speed train operator.

It is not yet clear whether cybercriminals have filed a ransom demand. However, Microsoft Security experts in their October 2022 report said that the Vice Society group is primarily financially motivated. Its victims are organizations with insufficiently reliable security tools, a higher likelihood of compromise and ransom payments. According to Chester Wisniewski, chief scientist at Sophos, despite cybercriminals stealing sensitive BART information, fraud against individual citizens is unlikely. Attacks like this are usually aimed at obtaining a ransom from the most hacked organization.^[1]

Notes