Threat Watch

The Southeastern Pennsylvania Transportation Authority (SEPTA) Has Been Affected by Ransomware

The Pennsylvania transportation company SEPTA disclosed a ransomware attack that has been affecting their systems since August. Due to the attack, services such as employee email, real time ride sharing, and customized Community Transportation Connect were halted by SEPTA. No comment has been made about what type of attack the company suffered and how it made its way on to their systems, but an internal investigation is taking place with assistance with the FBI. However, numerous sources reported that SEPTA suffered a ransomware attack and that some type of transaction was made that was covered through their cyber liability insurance. While it does not seem as if customer information was affected, this attack has mostly taken its toll on the employees of SEPTA, making it difficult to carry out day to day operations. Due to this, a call center has been set up to help SEPTA employees and a year of free credit monitoring services have been offered as well.

ANALYST NOTES

Dealing with emails from unknown senders, especially if they request action from the user such as opening a document or clicking a link, can end up hurting organizations. The combination of anti-virus software with Endpoint Detection and Response (EDR) tools can help prevent or stop intrusions. An adequate monitoring system that fits the needs of an organization is also very important—this will allow businesses to get ahead of the infection and stop it before important files are compromised. At Binary Defense, our Security Operations Task Force analysts monitor endpoints for signs of intrusions, and we alert our clients as soon as any suspicious activity is noticed.

Source: https://fusion.inquirer.com/transportation/septa-malware-attack-ransomware-fbi-employees-cybersecurity-20201007.html