TfL cyberattack affects Dial-a-Ride as expert says ‘could imply ransomware’

The attack on London's transport provider may be more complicated than originally thought.

Helen Clarke September 05 2024

Transport for London‘s (TfL) cyber security incident, reported on 2 September, is said to have affected both the TfL network and Dial-a-Ride journeys, according to the service’s website.

Dial-a-Ride is unable to process any new booking requests, after TfL’s cyberattack earlier in the week. Dial-a-Ride is TfL’s free door-to-door service for those with permanent or long-term disabilities.

Mark Robertson, chief revenue officer and co-founder of cybersecurity company Acumen Cyber believes the latest announcement that Dial-a-Ride was affected means the attack could be more serious than was initially thought.

With Dial-a-Ride now affected, the attack could end up having a “serious impact on citizens with disabilities across London.”

Robertson says the fact that the Dial-a-Ride has been affected, points to the attack being ransomware but until the cause has been identified by TfL, it is promising to see that incident response is being prioritised and the impact limited.

“Other organisations should learn from this. Don’t just focus on defences, also focus on preparation. No security tools are bulletproof, so preparing for attacks to limit their blast radius is key to improving cyber resilience.”

This comes after TfL announced on Monday (2 September) that the National Crime Agency was involved in investigating the incident, but that no customer data had been compromised.

Currently, all tube services seem to be running as normal, which Robertson says “does indicate TfL has been able to prevent the incident from having an operational impact”.

The Register has since reported that sources claim the incident was caused by a VPN issue: “The TfL hack was their Cisco VPN getting popped” said one source, with reports that all outbound internet has been cut and inbound internet has been restricted, as employees have been told to work from home.

Verdict contacted the TfL customers services line and a representative confirmed that all systems were down due to the incident and customer services would resume in the next few days.

A representative from TfL said: “The booking system for Dial a Ride was temporarily down – although pre-existing bookings were still fulfilled. We are now able to take essential bookings and hope the situation will further improve as the day goes on.”

Uncover your next opportunity with expert reports

Steer your business strategy with key data and insights from our latest market research reports and company profiles. Not ready to buy? Start small by downloading a sample report first.

Newsletters by sectors

close

Sign up to the newsletter: In Brief

Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Thank you for subscribing

View all newsletters from across the GlobalData Media network.

close