Chinese Hackers Breach New York Subway Train System But Fail to Access Train Details

It isn't clear why the hackers tried to access the MTA's computer systems, but investigators believe it could be linked to China's efforts to dominate the rail car market.

A group of hackers with links to the Chinese government hacked the computer systems of New York's Metropolitan Transit Authority (MTA) in April, transit officials said on Wednesday. The revelations come on the same day a ferry company taking passengers to Martha's Vineyard and Nantucket confirmed that they too had been targeted by hackers.

The MTA discovered that its computer systems had been accessed, but the hackers did not gain access to systems that control train cars, The New York Times reported, citing an internal MTA investigation. Despite the massive hack, riders were never at risk, and neither passenger nor employee data was compromised, transit officials confirmed.

Close Encounter

According to the report, the breach occurred on two separate days in the second week of April. It went unchecked until it was detected a few days later, on April 20, officials said. The authority "quickly and aggressively responded to this attack," MTA Chief Technology Officer Rafail Portnoy said in a statement.

It was not immediately clear why the hackers tried to access the MTA's computer systems, but investigators theorized that it could be linked to China's efforts to dominate the rail car market, according to The Times. The hackers did not, however, manage to get access to systems related to train operations, safety, or customer or employee information, the MTA said.

"The MTA's existing multi-layered security systems worked as designed, preventing spread of the attack and we continue to strengthen these comprehensive systems and remain vigilant as cyber-attacks are a growing global threat," he added.

According to the New York Times report, the hackers gained access specifically to systems used by New York City Transit, which oversees the subway and buses. They also got access to the Long Island Rail Road and Metro-North Railroad's systems, compromising three of the transit authority's 18 computer systems. The hackers appear to have gained entry through the remote-working systems that staff used to log on from home.

Following the reveal, the MTA asked 3,700 of its employees, almost 5 percent of its workforce, to change their passwords as a precautionary measure.

US Easy Target

Another possible reason for the Chinese hackers trying to access the data is that they wanted to learn more about New York's systems as they try to make advances in the industry that supplies parts and carriages for the service. Another idea is that China accessed the system by mistake while fishing around and realized there was little of interest.

The revelations came on the same day that the Steamship Authority, which operates ferries between the Massachusetts mainland and the popular holiday islands of Martha's Vineyard and Nantucket, said it too had been hacked.

The website was still down on Wednesday night, and passengers were told to expect delays. They were encouraged to use cash to buy tickets and were unable to book tickets or change vehicle reservations online or by phone.

At 5:30 pm on Wednesday they tweeted: "The Steamship Authority continues to work with our team internally, as well as with local, state, and federal officials externally, to address today's ransomware incident."

However, it is still unclear whether the authority had to pay a ransom, as Colonial Pipeline did. Operators of the Colonial Pipeline paid $4.4 million to Russia-based hackers Dark Side to resume their vital operations.

The MTA hack is also the latest in a string of cyberattacks that have struck US agencies and companies in recent months, including a cyberattack in the past week against major meat producer JBS.

This article was first published on June 3, 2021