A malicious hacker that attacked Montreal’s transit company with malware has demanded a ransom of US $2.8m to restore regular network operations.
The Société de transport de Montréal (STM) was targeted with ransomware on Oct 19. The attack knocked the agency’s reservation technique for tailored transit offline and brought on an outage that impacted close to 1,000 of STM’s 1,600 servers, 624 of which are regarded as operationally delicate.
No data was exfiltrated by the hacker, and the incident did not impression the city’s bus and metro services.
Immediately after additional than a week of silence, the hacker ultimately contacted STM to issue a ransom demand that the agency says it will not comply with.
In a statement published Thursday, STM claimed: “Adhering to communication with the hacker, a ransom demand of US $2.8 million was produced. The STM maintains its selection not to act on this ask for.”
STM’s paratransit reservation method was restored on October 25. The company claimed that as of yesterday, about 77% of servers impacted by the attack experienced been restored.
Payments to STM’s 11,000 workforce ended up finished in what the company described as an “practically normal fashion.” Payments to suppliers were not affected by the incident.
An investigation into the incident is ongoing. Details discovered so considerably reveal that the attacker employed a phishing email to gain accessibility to STM’s network. Although describing the attack as similar to RansomExx, STM mentioned it would not share any further more particulars till the investigation experienced been finished.
A 7 days following the cyber-strike on Montreal’s transit agency, a second attack was carried out on a health and fitness company in the city’s west finish.
The CIUSSS du Centre-Ouest-de-l’Île-de-Montréal blocked distant accessibility and disconnected from the internet just after the attack in an try to minimize any problems.
Dr. Lawrence Rosenberg, head of the CIUSSS, reported that no individual details belonging to team or individuals experienced been compromised as a outcome of the security incident.
The CIUSSS operate the city’s Jewish Normal Healthcare facility and various extensive-phrase care amenities. Rosenberg said that while problems had been expert with the phone method, affected individual care experienced not been affected by the attack.