Cyber attack reveals confidential information of prominent California transit organization.

Cyber attack reveals confidential information of prominent California transit organization.

In a series of cyberattacks targeting the public sector, the ransomware group Vice Society has been making headlines. Most recently, the group attacked the Los Angeles Unified School District (LAUSD) in September 2022, leaking about 250,000 district files on the dark web.

The LAUSD refused Vice Society's ransom demand, leading to the publication of sensitive personal data, including staff and student information. The stolen data was posted to a leak site controlled by Vice Society, exposing highly sensitive and personal data, such as a master employee list, background disposition reports, crime lab reports, police reports, a suspected child abuse report, and controlled substances examination reports.

Alicia Trost, BART's chief communications officer, confirmed an investigation into the data leak, which Vice Society also claimed responsibility for in an attack on San Francisco's Bay Area Rapid Transit (BART) earlier. Microsoft Security researchers described Vice Society's ransomware payload as unique, with branded extensions that distinguish it from other threat actors.

Vice Society is somewhat unusual in that it heavily targets the public sector, especially schools, whereas most ransomware operations prefer the private sector. The reason for Vice Society's preference for targeting the public sector is not clear. However, the transit sector is significantly more vulnerable than other industries to cyberattacks, as multiple transit and rail systems have been hit in the past, including the New York City Metropolitan Transportation Authority, Colorado Department of Transportation, Metro Vancouver TransLink, and Toronto Metrolinx.

In response to the growing threat, the Transportation Security Administration strengthened cybersecurity directives for transit owners and operators in October 2022. The same day the Los Angeles schools system publicly disclosed the incident, a joint Cybersecurity Advisory from federal authorities was issued, with the FBI and Cybersecurity and Infrastructure Security Agency assisting the investigation and response.

Despite the attack, BART remains operational, with no BART services or internal business systems impacted. BART is taking all necessary precautions to respond to the attack.

Attacks on police departments are considered serious due to the sensitive information they hold. In December 2021, the Transportation Security Administration announced new directives and voluntary guidelines for incident reporting and coordination. These measures aim to improve the response to and recovery from cyberattacks, especially those targeting the public sector.

In conclusion, Vice Society's attacks on the LAUSD and BART highlight the importance of strengthening cybersecurity measures in the public sector. The transit sector, in particular, must take steps to protect against these increasingly common and damaging cyberattacks.

Read also:

• Oxidative Stress in Sperm Abnormalities: Impact of Reactive Oxygen Species (ROS) on Sperm Harm
• Is it possible to receive the hepatitis B vaccine more than once?
• Transgender Individuals and Menopause: A Question of Occurrence?
• Genetically manipulated rabbits sprout ominous black horns on their heads