Photo: Go- Ahead group

Major UK bus operator hit by cyber attack

09 September 2022

by Christopher Carey

One of the UK’s biggest public transport operators, Go-Ahead, said it is managing a cyber attack after finding “unauthorised activity” within its IT systems.

The company, which runs city services throughout the UK and is London’s biggest bus operator, said it became aware of a fault on its server last Sunday with several back-office systems affected earlier this week.

“Go-Ahead announces that it is currently managing a cybersecurity incident after detecting unauthorised activity on its network on Monday 5 September 2022,” the company said in a statement.

“Upon becoming aware of the incident, Go-Ahead immediately engaged external forensic specialists and has taken precautionary measures with its IT infrastructure whilst it continues to investigate the nature and extent of the incident and implement its incident response plans.

“Go-Ahead will continue to assess the potential impact of the incident but confirms that there is no impact on UK or international rail services which are operating normally.”

The company did not confirm whether any bus routes had been delayed or cancelled as a result of the attack, telling Cities Today: “A number of our systems have been affected by this cybersecurity incident, including the system we use to allocate drivers to bus services.

“Our operating companies are therefore using backup systems and workarounds. We’re doing everything possible to ensure all services continue without interruption. So far this week, those backup procedures have been working well and there have been no more cancellations than in a usual week.”

In addition to running London bus routes on behalf of Transport for London (TfL), Go-Ahead also operates services throughout the south and north of England – accounting for 11 percent of the country’s bus market.

Wider risk

Cybersecurity is a growing threat for transport organisations. According to a 2021 report from Check Point Research, the global transport sector has experienced a 186 percent year-over-year increase in weekly ransomware attacks since June 2020.

Last month the Mineta Transportation Institute at San Jose State University released research which urged US public transit agencies to appoint Chief Security Officers and use procurement processes to raise cybersecurity standards.

The report, titled Aligning the Transit Industry and Their Vendors in the Face of Increasing Cyber Risk, warned that hardware and software lifecycles in public transit are “out of sync”, with vehicles and other hardware designed to last for 15 years or more being supported by software that has stopped receiving security updates, which could lead to “serious vulnerabilities”.

Agencies were also urged to better understand their own risks and ensure they have the ability to communicate them in technical terms, particularly as vendors often provide connected services such as passenger counting, video surveillance, fare management, vehicle location tracking, data storage, and credit card processing.

Image: Go-Ahead

  • Reuters Automotive
https://cities-today.com/wp-content/uploads/2023/11/Dawn-crop.png

Technology inclusion goes beyond internet access in LA

  • Reuters Automotive