Some TTC communication services are still down after ransomware attacks

TORONTO – The Toronto Transit Commission’s Wheel-Trans online booking portal, travel planning apps and other communications systems continue to be down after the transit agency was hit by a ransomware attack on Thursday.

“Unfortunately, there is no update to speak of,” TTC spokesman Stuart Green told CP24 Saturday morning. “We continue to have problems, we have our internal staff as well as some external cybersecurity experts that we have called in to help with this.”

TTC first learned about the hack Thursday night when an IT employee found “unusual networking activity,” according to a statement released Friday night.

The TTC said the attack was initially “minimal” but then gradually got worse in the middle of Friday.

Hackers also overturned TTC’s Vision System, which is used to communicate with vehicle operators.

Meanwhile, TTC uses radio backup to talk to its employees.

READ MORE: TTC investigates ransomware attacks that compromised multiple servers

“We think we have managed to isolate things and stabilize our network … We have a kind of hierarchy of things that we must first have online again. The first would be our Vision System, which allows full communication with our operators in the field. , ”Said Green.

Regarding TTC’s Wheel-Trans online booking portal, Green said that customers who pre-booked a ride will still receive service, and customers who want service can make a request by calling TTC.

Other interrupted services include ‘Next Vehicle Information System’ on platform screens, the TTC website and TTC’s internal email service.

“So if you’re trying to use one of the apps on your phone and you’re waiting at a bus stop, you will not see the next vehicle arrive, or you may see something, but it will not be accurate, as well as the internal e-mail mails that are down so we have no network service, ”Green said.

TTC said there were no major service outages caused by the attack and that there is no risk to employee or customer safety.

Green, however, said it is unknown if any employee or customer information has been compromised.

The transit agency has called in law enforcement and cyber security experts, including Toronto’s IT department, to resolve the issue and determine the cause of the attack.

Green said the TTC identified the attack early and is updating its system to prevent these attacks from happening again.

“We have obviously done everything we possibly could and humanly could. You know, we identified the threat early on. But as anyone who has been a victim of these things knows, and many large organizations have been victims of these things, they are moving. very, very fast. We are in the process of upgrading our systems. “

There is still no timeline for when the services will be up and running.

“It’s really just a matter of time. We will continue to advise customers through our social media channels when we have any updates. Unfortunately, it will be inconvenient for customers, and we must of course apologize.”

The TTC on Saturday canceled its planned closure of the subway between St. Clair and College stations to focus on tackling the attack.

With files from CP24’s Bryann Aguilar


Leave a Comment