Dive Brief:

• San Francisco transit riders got a free ride over the weekend after the city's mass transit system suffered a cyberattack. 
• On Saturday morning, ticket machines had a message pop up that said "You hacked. ALL data encrypted," in addition to a email address to contact. The San Francisco Municipal Transportation System shut down its ticketing machines and point of sale systems. As a result, the transit agency opened the gates and allowed passengers to ride of free. 
• Officials do not yet know if employee or passenger data was breach or if its smart-card system, Clipper, was also impacted. 

Dive Insight:

Though transit passengers may gladly take the free ride, many are concerned about what could have lurked behind the cyberattack. Though it was not a confirmed ransomware attack, the provided contact information suggests the hackers were looking for payment in return for unlocking systems. 

Often with ransomware attacks, more cyberthreats can lurk behind the distraction of locked systems. Hackers use ransomware as a smoke screen to distract officials, then enter systems to steal proprietary information or payment information. 

Earlier this year, cyberattackers started hitting hospitals with ransomware, demanding payment to unlock systems. Organizations can defend against ransomware attacks by ensuring redundancy measures are in place. But if companies aren't prepared, it is often easier to just pay the ransom.