Transport for London‘s (TfL) cyber security incident, reported on 2 September, is said to have affected both the TfL network and Dial-a-Ride journeys, according to the service’s website.
Dial-a-Ride is unable to process any new booking requests, after TfL’s cyberattack earlier in the week. Dial-a-Ride is TfL’s free door-to-door service for those with permanent or long-term disabilities.
Mark Robertson, chief revenue officer and co-founder of cybersecurity company Acumen Cyber believes the latest announcement that Dial-a-Ride was affected means the attack could be more serious than was initially thought.
With Dial-a-Ride now affected, the attack could end up having a “serious impact on citizens with disabilities across London.”
Robertson says the fact that the Dial-a-Ride has been affected, points to the attack being ransomware but until the cause has been identified by TfL, it is promising to see that incident response is being prioritised and the impact limited.
“Other organisations should learn from this. Don’t just focus on defences, also focus on preparation. No security tools are bulletproof, so preparing for attacks to limit their blast radius is key to improving cyber resilience.”
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalDataThis comes after TfL announced on Monday (2 September) that the National Crime Agency was involved in investigating the incident, but that no customer data had been compromised.
Currently, all tube services seem to be running as normal, which Robertson says “does indicate TfL has been able to prevent the incident from having an operational impact”.
The Register has since reported that sources claim the incident was caused by a VPN issue: “The TfL hack was their Cisco VPN getting popped” said one source, with reports that all outbound internet has been cut and inbound internet has been restricted, as employees have been told to work from home.
Verdict contacted the TfL customers services line and a representative confirmed that all systems were down due to the incident and customer services would resume in the next few days.
A representative from TfL said: “The booking system for Dial a Ride was temporarily down – although pre-existing bookings were still fulfilled. We are now able to take essential bookings and hope the situation will further improve as the day goes on.”