dade72 - stock.adobe.com

Transport for London hit by cyber attack

London’s transport network provider TfL experiences cyber security incident, but reassures customers there is no impact on services

Transport for London (TfL) is dealing with a cyber security attack, but has told customers there is no evidence their data is at risk.

It has engaged with government cyber security agencies in response.

The London transport network operator reported on 2 September that it was experiencing an “ongoing cyber security incident”.

Shashi Verma, TfL’s CTO, said: “We have introduced a number of measures to our internal systems to deal with an ongoing cyber security incident. The security of our systems and customer data is very important to us and we will continue to assess the situation throughout and after the incident.

“Although we’ll need to complete our full assessment, at present, there is currently no evidence that any customer data has been compromised. There is currently no impact to TfL services and we are working closely with the National Crime Agency and the National Cyber Security Centre to respond to the incident.”

London’s transport network is critical national infrastructure (CNI) in the UK and any attack could cause major economic damage. Furthermore, millions of people have accounts with TfL, which holds their personal data.

Spencer Starkey, executive vice-president for EMEA at security software supplier SonicWall, said: “Critical national infrastructure refers to the systems, assets and networks that are essential for the functioning of a country’s society. Due to their importance, safeguarding critical national infrastructure is vital to maintain order and prevent potential disasters caused by threats such as cyber attacks

“Ensuring the cyber security of critical national infrastructure requires a comprehensive and ongoing effort. The ramifications of an attack and ensuing outage on CNI can be disastrous, and it’s important to place the utmost amount of time, money and efforts on securing them.

“In a divisive landscape, we’re seeing a continued geo-migration of threats, and governments are under constant cyber threat. These cyber attacks raise concerns about a country’s own national security and critical national infrastructure, as well as the safety of sensitive information,” said Starkey.

He added that protecting government networks communication and cooperation with the private sector and the introduction of strict punishments is necessary to deter attackers.

Read more about TfL

Next Steps

The American Water cyberattack: Explaining how it happened

Read more on IT for transport and travel industry