Transport for London (TfL) reported on 2 September that is has suffered a cyberattack and is working with the National Crime Agency to deal with the fallout.
According to the transport provider, early indications are that customer data has not been compromised and the transport network and services have not been affected.
Ross Brewer, vice president and managing director for EMEA at cyber company Graylog said: “As a critical national infrastructure (CNI) organisation, TfL and other CNI sectors like transport, utilities, healthcare, financial services, and telecommunications are being heavily targeted.
“The most concerning aspect is that nation-state actors discovered in these environments have often been embedded for months, and in some cases, years. This raises the question: why are nation-state actors from countries like Russia, China, Iran, and North Korea gaining access to UK infrastructure, lying dormant, and not monetising their access?”
Brewer says many security experts believe these entities are gaining control over their adversaries’ infrastructure to disrupt the country and cause public disorder for political and military reasons.
While the specifics of what happened in the TfL attack remain unclear, “poor digital hygiene may have contributed to the breach.”
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalDataNotice of the attack was sent to customers in a message on Monday evening with TfL being the latest in a string of high-profile attacks, including the NHS in June and Microsoft in July.
Microsoft had fallen victim to a distributed denial-of-service (DDoS) attack which resulted in problems with the tech company’s Azure cloud platform.
One possible reason for cyber-criminals targeting high profile brands could be the assumption that if the attack is a ransomware attack, the ransom will be paid.
Brewer concludes: “As large organisations increasingly pay ransoms, we are seeing a significant rise in organised crime syndicates entering the cybercrime business.”
Shashi Verma, TfL’s chief technology officer said: “We have introduced a number of measures to our internal systems to deal with an ongoing cyber security incident.
“The security of our systems and customer data is very important to us and we will continue to assess the situation throughout and after the incident.”