03 September 2021

Ransomware on the line

A publicly funded rail operator suffered a Ransomware attack that has left its self-service ticketing booths out of action for a period of time recently, in a worrying new type of attack

The servers that operate the ticket machines were the only system affected and no customer data was compromised, a statement confirmed recently. The aim of cyber criminals in launching any ransomware attack is to get hold of your valuable data, hold it hostage and ask for a ransom for returning it, often in Bitcoin

The threats posed by ransomware and other cyber attacks to organisations of all types are real and many of these incidents slip under the radar as organisations settle discretely to avoid shareholder anxiety or reputational damage. While a good majority of these attacks are simply designed to extort money and aren’t the work of State actors,, attacks on infrastructure are nevertheless increasing – whether it’s to cause harm or cause disruption or simply financial distress.

Globally, no industry was spared by cyber criminals, when it came to launching ransomware attacks last year and this year is no different. At the halfway point of 2021, cyber criminals have targeted some big names across all sectors underlining that nobody is immune to the threat.

But what can be done to lessen the risk? Having a mature security posture can certainly help and an attack on something that perhaps not all customers use now following the popularity of etickets that a number of Rail operators use, means attacks of this nature could slip under the radar in the minds of a dedicated Security manager.  The example above also raises the question of ‘how often do you look at the risks of all points of customer contact?’, especially as consumer behaviour is always evolving.

IRM offer a number of solutions to organisations and our Risk scenario-based testing provides companies with a real world benchmark of their security posture. Understanding the likely threat actors enables the IRM team to play out a true scenario-based attack which can be tailored to clients’ concerns down to the smallest detail. In this case the machine that sells you a train ticket.

IRM’s scenario-based testing provides companies with a real world benchmark of their security posture. Our broad range of CREST and Cyber Scheme certified security testing services help determine whether applications, networks, geographical locations, processes and even people are resilient enough to withstand cyber security attacks. Understanding the likely threat actors enables the IRM team to play out a true scenario based attack.

If you feel you’d like to explore how IRM can work with to protect customer data and prevent reputational damage please contact us 01242 225200 or email sales@irmsecurity.com