Moscow recently opened its first cable-car service and promised free rides for the first month. Unfortunately, only days after after the service was made available, attackers reportedly hacked into the cable car systems and infected them with ransomware.
With eager passengers waiting to take their free ride, police officers were explaining that the cable car was shut down due to technical reasons according to a report from the TheMoscowTimes.
"A video on the Rossiiskaya Gazeta government daily’s website showed a police officer*telling*people waiting in line that the cable car would not reopen “for technical reasons.”"
According to another Russian media report, the main computer for the cable car system was infected with ransomware and was demanding a ransom payment in bitcoins to decrypt the files required for the operation of the*cable car.
"According to the agency interlocutor, a message was received from an unknown person on the head computer of the Moscow Cable Cars operating company requesting to transfer bitcoins to him in exchange for decrypting all the electronic files of the computer that is responsible for the cable car operation. The amount of the ransom, said in the letter, depends "on the speed of response to the letter." As a result, there was a failure in the cable car."
This is not the first time that public transportation has been affected by ransomware. In November 2016, the San Francisco Public Transit system had numerous computers, including their payment systems, infected with the HDDCryptor ransomware. This caused the transit system to allow the passengers to ride for free while the systems were restored.
San Francisco Public Transit System infected with HDDCryptor