New York: Subway system was targeted by Chinese-linked hackers
New York: A Metropolitan Transportation Authority (MTA) document has revealed that New York’s subway system was targeted by hackers with links to the Chinese government in April, media reports said.
Officials with the MTA said that on April 20, the FBI, Cybersecurity Infrastructure Agency (CISA) and the National Security Agency issued a joint alert that there was a zero-day vulnerability — meaning a vulnerability no one was aware of and for which there were no patches, The Hill reported quoting The New York Times.
CISA issued recommendations for fixes and patches, which the MTA implemented by the morning of April 21. The MTA further said it engaged with IBM and Mandiant to perform a forensic audit, The Hill reported.
Three of MTA’s 18 systems were impacted during the incident.
However, no employee information was breached.
Rafail Portnoy, the MTA’s chief technology officer, said in a statement to The Hill that the agency “quickly and aggressively responded to this attack bringing on Mandiant, a leading cyber security firm, whose forensic audit found no evidence operational systems were impacted, no employee or customer information breached, no data loss and no changes to our vital systems."
"Importantly, the MTA’s existing multi-layered security systems worked as designed, preventing spread of the attack and we continue to strengthen these comprehensive systems and remain vigilant as cyber-attacks are a growing global threat,” Portnoy continued.