The Ann Arbor Area Transportation Authority (TheRide) said it experienced a cyber attack this week. The attack caused temporary disruptions to real-time bus information and other information systems, but bus service continued to operate.
An alert on the authority’s website indicated its rider tools were unavailable and route information could be obtained by calling TheRide directly.
“As soon as we became aware of the situation, our team immediately began taking action. We shut down many of our systems, including our real-time bus information and in-office assistance while we assessed the situation,” TheRide CEO Matt Carpenter said. “We are working hard to restore our real-time bus information and other tools as quickly as possible. We appreciate everyone’s understanding and patience as we work through this.”
The authority reported the incident to law enforcement and noted the investigation is ongoing and updates will be provided as needed.
Unfortunately, TheRide is not alone in its fight against cyber attackers. New York Metropolitan Transportation Authority, Santa Clara Valley Transportation Authority, Southeastern Pennsylvania Transportation Authority, TransLink and Société de transport de Montréal have all been breached within the past 18 months in some form.
Earlier this month, Secretary of the Department of Homeland Security Alejandro Mayorkas announced plans to be detailed later this year for certain passenger rail and transit providers to meet cybersecurity-focused requirements. The pending mandates are part of the department’s transportation “sprint” aimed at enhancing cybersecurity and resilience within the sector.
Secretary Mayorkas says the upcoming security directive will see “higher-risk railroad and rail transit entities” identify a cybersecurity point person, report cyber incidents to the Cybersecurity and Infrastructure Security Agency and develop a contingency and recovery plan should an attack occur.