back to article Passengers ride free on SF Muni subway after ransomware infects network, demands $73k

Hard-drive-scrambling ransomware infected hundreds of computers at San Francisco's public transit agency on Friday and demanded 100 bitcoins to unlock data, The Register has learned. Ticket machines were shut down and passengers were allowed to ride the Muni light-rail system for free on Saturday – a busy post-Thanksgiving …

Silver badge
Childcatcher

Sign of the times

An entire mass transit system's IT gets badly mauled for money and the headline here is "Woot - free travel".

One day a few hundred people might see a message like that on the seat back displays on an aircraft. I am fairly sure the inflight entertainment system is air gapped from the flight control system on today's modern airliners.

10
1
Silver badge

Re: Sign of the times

Reminds me of the early days of auto-pilot ---

A friendly voice comes over the airliner's PA system:

"This plane is being piloted by an automated navigation system. This system has been thoroughly tested and there are no reasons to worry, no reasons to worry, no reasons to worry, ........."

10
0
Anonymous Coward

Re: Sign of the times

> One day a few hundred people might see a message like that on the seat back displays on an aircraft

It'd just make for bored passengers. Probably increase duty-free sales.

> I am fairly sure the inflight entertainment system is air gapped from the flight control system

It is, although there were reports circulating a few years ago about stuff jumping the gap, but never known to occur in the wild, intentionally or otherwise. There isn't such as thing as "the flight control system" anyway, but dozens of systems that operate more or less independently of each other, each with its own redundancy.

> on today's modern airliners.

By design, they are made to be inherently flyable. By far the major risk electronics pose is the corresponding fire hazard. In the event of a complete electrical power failure, you're essentially back to flying a C-172. As long as there is no fire, it's just an interesting day at the office.

7
4
Silver badge

Re: Sign of the times

"An entire mass transit system's IT gets badly mauled for money and the headline here is "Woot - free travel"."

Obviously concerns and priorities will vary, but to a certain demographic this could be perceived as a Robin Hood action.

5
0
Bronze badge

Re: Sign of the times

AFAIK a total power failure has never happened in a modern fly-by-wire aircraft and it's not something you'd train for. It has been done in simulators though.

But it's very unlikely to happen - if everything else fails (plane runs completely out of fuel, for example), there is a Ram Air Turbine deployed. Basically a small wind turbine attached to the aircraft to power the most important systems.

3
0

Re: Sign of the times

I remember that story from the early 70s amidst rumours of fully automated airliners soon to fly without pilots.

However, autopilots were around and in regular use in aircraft before WW2. Many WW2 bombers had them: every bomber carrying a Norden bombsight had an autopilot that was linked to the bombsight during the run into the target: during the run in the bombsight managed the autopilot's inputs to fly the bomber to the precise bomb release point.

By 1945, even DC-3 (C-47) troop transports were all fitted with autopilots.

11
0
Silver badge

Re: Ram Air Turbine

The ram air turbine loses power when you fly slowly, such as just before landing at a race track.

9
1
Silver badge
Paris Hilton

Re: Sign of the times

An entire mass transit system's IT gets badly mauled for money and the headline here is "Woot - free travel".

Better than the headline "An entire mass transit system's IT gets badly mauled for money and the headline here is "Passengers forced to walk because administration says nobody rides for free".

11
0
Anonymous Coward

Fly-by-wire

In the event of a complete electrical power failure, you're essentially back to flying a C-172. As long as there is no fire, it's just an interesting day at the office.

I sincerely hope you never experience a complete loss of electrical power on any modern passenger aircraft. For example Airbus designs past A320 do not have mechanical or hydrolic backups - all backup flight controls require at least some electrical power to stay on. Boeing designs do keep a mechanical backup through 777 at least (I could not quickly find whther 787 has a mechanical backup or not; perhaps someone more knowledgeable can comment) - so if you are truly paranoid, you should be very picky in choosing your flights, and in making sure that the crew is familiar with mechanical backup operation.

Reference: Fly-by-wire by wikipedia

5
2
Silver badge

Re: Sign of the times

An entire mass transit system's IT gets badly mauled for money and the headline here is "Woot - free travel".

A non-life threatening IT incident occurred and was reported by El Reg - an IT news website known for a heavy dose of sarcasm and humour, especially in its sub-heads.

Move along, nothing to see here.

11
0
Silver badge

Well this was completely avoidable

I mean it's just extremely risky to put a system that can easily run code from any e-mail and doesn't even show "file extensions" by default into the hands of untrained workers.

If they would have just been a bit more cautious and, for example, provided their users with simpler systems where they cannot easily make such fatal errors. If everything fails, give them terminals for the business end of things.

3
4
Silver badge

Re: Sign of the times

I am fairly sure the inflight entertainment system is air gapped from the flight control system on today's modern airliners.

I can tell you don't work in security; it's the touchingly naive faith in people to not make the most stupid mistake possible...

https://www.wired.com/2015/04/hackers-commandeer-new-planes-passenger-wi-fi/

2
2
Bronze badge
Alert

Re: Sign of the times

> In the event of a complete electrical power failure, you're essentially back to flying a C-172

I don't think so. In a Cessna there is a physical linkage between the pilot's controls and the plane's control surfaces, and the aerodynamic forces on the control surfaces are such that a pilot can move them with muscle power alone. Neither of those things is true for a modern jet airliner: the control surfaces are moved by hydraulics which don't go all the way back to the cockpit, and which depend on powered hydraulic servos - I would expect that an airliner with a *complete* electrical failure would be close to unflyable (un-landable, anyway), but IANAP, and would be very pleased if a real airline pilot would tell me otherwise.

4
0
Anonymous Coward

Re: Sign of the times

> AFAIK a total power failure has never happened in a modern fly-by-wire aircraft and it's not something you'd train for. It has been done in simulators though.

You are correct. It would be nearly impossible to lose all electrical power. Cockpit blackouts, on the other hand ... :b

1
0
Anonymous Coward

Re: Fly-by-wire

> I sincerely hope you never experience a complete loss of electrical power on any modern passenger aircraft

An electrical power failure refers to loss of generation capacity.

> Boeing designs do keep a mechanical backup

I was rated on the 738 and that did *not* have a mechanical linkage, that was all FADEC same as on the airbus, though they make it look old school by using servos to move the throttle.

For the flight surfaces, both major manufacturers have a form of mechanical backup, this being a certification requirement.

2
0
Anonymous Coward

Re: Sign of the times

> but IANAP

On the other hand, I am...

>, and would be very pleased if a real airline pilot would tell me otherwise.

...and I wrote the post you're referring to. :-)

Yes, I took a bit of dramatic licence to please the crowd, but that's indeed how it feels when you lose all the fancy bits.

And the myth about fbw aircraft being "uncontrollable" is sensationalist rubbish btw, don't pay attention to that.

1
2
Anonymous Coward

Re: Sign of the times

> I remember that story from the early 70s amidst rumours of fully automated airliners soon to fly without pilots.

Until someone put it through a customer focus group, that soon killed the idea. :-)

Which to be honest, we (pilots) have probably killed a lot more people than we've saved. But I for one I'm pleased that the cargo, if they make it, have someone onboard to blame for the "bad" landing.

> By 1945, even DC-3 (C-47) troop transports were all fitted with autopilots.

Yes, but nowadays when people talk about the autopilot, more often they refer to the bit that controls the autopilot (and the engines, radios, and other things) rather than to the autopilot itself. This is what was invented around the 70s, and which those headlines probably referred to.

I didn't know about those bombers you mention. Interesting. They had a lot of ingenuity back in those days.

2
0
Silver badge

Re: Sign of the times

" I am fairly sure the inflight entertainment system is air gapped from the flight control system on today's modern airliners."

I'm fairly sure, no certain, that you are wrong.

2
0
Silver badge

Re: Sign of the times

"And the myth about fbw aircraft being "uncontrollable" is sensationalist rubbish btw, don't pay attention to that."

There are aircraft that do not have manual reversion and that could not be flown by direct input to the controls.

0
2
Silver badge

Re: Sign of the times

"It would be nearly impossible to lose all electrical power"

So possible then.

0
0
Silver badge

Re: Sign of the times

Oh FFS, another downvoting cockwomble. The BAe Typhoon, B-2 Spirit and Lockheed F-117 Nighthawk have no manual reversion and cannot be flown by a pilot using direct input manual controls even if these were available. If you want to know how an aircraft type works, the last person you should ask is the pilot, he's just the bloody taxi driver. You see all you did with that downvote is make yourself look like a horse's ass, boy.

2
2
Orv
Bronze badge

Re: Sign of the times

There's a good reason for that -- airliners are designed to be inherently stable, so even without computer assistance they tend to fly roughly straight and level. If they diverge, it's slowly, on a time scale a human can react to and control.

Modern fighters are inherently *un*stable, because this increases maneuverability. Without the computer, it's impossible to remain in control.

On at least some fighter jets a loss of all of the redundant flight computers causes an automatic ejection. It goes south that quickly without them.

Mind you, most such systems have triply redundant (or better) control systems. (Two is no good because if they differ, you don't know which is correct.)

5
0
Orv
Bronze badge

Re: Fly-by-wire

Pretty sure instead of a mechanical linkage and ram-air turbine the 787 uses a redundant emergency battery pack. (You may recall initial issues with the packs trying to catch fire.) Hydraulics still provide the muscle, but everything else is electric, including the hydraulic pumps. What's distinctive about the 787 is it has no pneumatic systems; most airliners use high-pressure air bled off of the compressor stages of the engines to operate air conditioning, starters, and sometimes the backup hydraulic system. The advantage of not doing that is bleeding air out of the compressor stage makes the engines less efficient.

While electric systems get a lot of attention, a breach in the hydraulic system is far more likely to completely cripple an aircraft. Any leak that affects all three redundant hydraulic systems is likely to eventually bleed out all the fluid, freezing the actuators. This is what happened in United flight 232.

2
0

Re: Sign of the times

Military aircraft without passengers...

And the pilot can bail via eject seat.

So, apples and oranges...

And btw, pilot here as well, but only C-172-size planes.

2
0
Anonymous Coward

Re: Sign of the times

> So possible then.

Yes, possible, but extremely unlikely. Unless you've got more pressing issues to worry about, such as having run out of fuel in the middle of the Atlantic, in which case you might as well accept that this is not going to be a very good day.

1
0
Anonymous Coward

Re: Sign of the times

> You see all you did with that downvote is make yourself look like a horse's ass, boy.

I don't know who downvoted you last time, but this one is mine. Why are you so angry? Missed a flight recently or something? Was your ex a pilot? :-)

Hope you have a great day too, bye!

[Edit to say: Just saw your post about "manual reversion". I think I can see why it may have copped a downvote, it's a bit of a non sequitur as I read it.]

0
1
Anonymous Coward

Re: Sign of the times

> but only C-172-size planes.

Yeah, but you get to choose when and where you fly, and don't have to wear a silly shirt that'll get you mistaken by a cop¹ or shop attendant. Lucky bastard!

¹ As happened to a friend of mine in an inadvisable part of Glasgow in times gone by.

1
0
Silver badge

Re: Sign of the times

"There's a good reason for that"

Yes, I know. My work address used to have Royal Aircraft Establishment in it. Thanks for clarifying the point.

I was responding to the boastful pilot[1] who said: "And the myth about fbw aircraft being "uncontrollable" is sensationalist rubbish"

Note that he stated "aircraft" not "airliner" and he's downright wrong. There are FBW aircraft that are dynamically unstable and they cannot be flown by pulling on strings. As you say these tend to be military types and have, on the ones I'm aware of, quad-redundant control systems. Although there's a long and intense argument to be had about whether these systems are suitably redundant. For example they all tend to use the same firmware and processors so there's no independence of design.

it's amusing that rather than engaging in a discussion he's just downvoting, presumably with his bottom lip out in a childish pout, because he knows he was wrong but is too much of a child to admit it.

[1] Is there any other sort of pilot?

1
1
Silver badge

Re: Sign of the times

"Military aircraft without passengers..."

Yes, but military aircraft are aircraft. The Anon. Coward stated " the myth about fbw aircraft being "uncontrollable"". It's not a myth, some FBW aircraft are uncontrollable. If the AC wanted to refer solely to Civil Aviation he should have made that clear or referred to "airliner" rather than "aircraft".

Typical bus driver, he thinks his vehicle is the only one in existence.

0
1
Silver badge

Re: Sign of the times

"Just saw your post about "manual reversion". I think I can see why it may have copped a downvote, it's a bit of a non sequitur as I read it."

Perhaps the point was difficult to follow? It doesn't seem to be difficult but it may be. Manual reversion is only possible in aircraft which are inherently stable in flight. If as AC1 states it is a myth that FBW aircraft can be uncontrollable without the assistance of active FBW systems then all aircraft should be capable of manual reversion. Design teams will always provide manual reversion if possible as the ultimate failsafe. If they have not done so there's a reason and the reason is that the aircraft cannot be flown under manually control because it is dynamically unstable, i.e. "uncontrollable". Hence absence of manual reversion is a clear indication that a particular aircraft type is "uncontrollable".

As to "angry", no I'm not, but thanks for offering your point of view.

1
0

Re: Sign of the times

> And the myth about fbw aircraft being "uncontrollable" is sensationalist rubbish btw, don't pay attention to that.

Hrm... well sort of. 'Uncontrollable' is a bit dramatic of course, but then you yourself admitted to using dramatic licence to please the crowd, so... stones, glass houses etc. :)

Whilst the RAT for example would provide basic control, it is VERY basic - not uncontrollable, but definitely not ideal, and certainly not like suddenly being in a light aircraft as you stated.

0
0
Anonymous Coward

Re: Sign of the times

I guess I'm jealous considering the ransom I pay everyday to National Rail services in to London and then TFL, just to not get a seat, and to be squashed on the Sardintral (Central) Line which is an aluminium can full of red face passenger meat.

0
0
Vic
Silver badge

Re: Sign of the times

I would expect that an airliner with a *complete* electrical failure would be close to unflyable

A *complete* electrical failure would render the aircraft unflyable - but there's a vanishingly small probability of that. You would need to lose all the engines, the APU and the RAT. Any one of those being operable will give you effective control surfaces.

Vic.

1
0
Vic
Silver badge

Re: Ram Air Turbine

The ram air turbine loses power when you fly slowly

It produces less when travelling slowly - it is still generating, and the aircraft is still responsive.

In the example you cite, the pilots would probably have been better off putting the nose down a bit and gaining some extra speed anyway.

Vic.

0
0
Vic
Silver badge

Re: Fly-by-wire

Pretty sure instead of a mechanical linkage and ram-air turbine the 787 uses a redundant emergency battery pack

The 787 has a RAT.

Vic.

2
0
Silver badge

Re: Sign of the times

"I can tell you don't work in security;"

I do.

Have an upvote to help even the score because (a) you're talking sense and (b) the peevish downvoting couple really need to get a life, or even a pale imitation of one.

0
0

Running out of fuel--in middle of Atlantic

Actually has happened more than once--a Canadians has particular problems with conversions from metric fueling and English gauges. One in the middle of Atlantic at 40,000 feet. That was the saving grace--they coasted from flight altitude 120 miles (or was it 120 Km?) to a successful really dead stick landing in Azores.

0
0
Orv
Bronze badge

Re: Ram Air Turbine

"In the example you cite, the pilots would probably have been better off putting the nose down a bit and gaining some extra speed anyway."

Hard to say. They were going to overshoot, and without spoilers putting the nose down wouldn't have helped the matter. In fact, they were in a forward slip to try to shed some of that energy, which was probably part of the problem -- the air wouldn't have been entering the RAT straight on.

There were no ideal options, but the choices they made not only allowed everyone to walk away but even allowed them to use the airplane again later, so it's hard to fault them too much. ;)

1
0
Orv
Bronze badge

Re: Fly-by-wire

I stand corrected about the 787 RAT! That's a truly impressive level of redundancy.

0
0
Vic
Silver badge

Re: Ram Air Turbine

They were going to overshoot, and without spoilers putting the nose down wouldn't have helped the matter

Yes it would. Increasing speed from the optimum glide speed reduces the total range - i.e. it spills energy. This is standard glide procedure...

Vic.

1
0

Re: if everything else fails

``But it's very unlikely to happen - if everything else fails (plane runs completely out of fuel, for example)``

This is exactly what just happened to a Brazilian soccer team. It didn`t end well.

0
0
Silver badge

These infections seem almost inadvertent

Like the perpbots don't know what they're infecting and what the possible payoff might be.

Wonder how much an Internal Revenue service-type organization ransom would be worth?

Trump and/or Putin mega corporations?

0
0
Anonymous Coward

Re: These infections seem almost inadvertent

elDog>>Like the perpbots don't know what they're infecting and what the possible payoff might be.

I'm surprised they don't use a "Dutch auction" Those organizations with the right combination of the urgency and the resources might pay a high price immediately. Eventually the price will drop to the point where even a home user might say, well, I'll pay a few quid to not have to say goodbye to all those photographs.

0
0
Silver badge

Design failure

You have to wonder why they have not segmented their networks with firewalls, both to alert on compromise and minimise the effects if anything were to get in.

Having all the front end and back end systems with full connectivity will only ever lead to this sort of failure when something does go wrong.

10
1

Re: Design failure

Because that costs more money and "there's no need to do that". (At least, thats what management says *before* it goes wrong, *after* it goes wrong it's "how could you let this happen!")

31
0
Silver badge

Re: Design failure

' *after* it goes wrong it's "how could you let this happen!"'

Let's hope someone has the relevant emails backed up. Off-line naturally.

5
0
Silver badge

Re: Design failure

Because that costs more money and "there's no need to do that". (At least, thats what management says *before* it goes wrong, *after* it goes wrong it's "how could you let this happen!")

Exactly.

5
0
Silver badge
Devil

Re: Design failure

You have to wonder why they have not segmented

Ever tried to push for a non-flat network design in a SMB? I have some recollection of what it cost me to separate logically office, development, test, finances and a few others in one of my past jobs. Most IT people will not deal with the aggravation, or fail to get the budget and/or not have the qualification to build it themselves if budget is not granted.

In addition to this, there will be no lesson learned here. Instead of the right news headline: "Valley municipal IT are a bunch of clueless incompetent clowns" we have a headline of"Passengers ride free on SF Muni..."

6
2

Re: Design failure

Simply due to some domain admins still thinking that it's fine to put everything in the same domain. Face palm

0
0
Silver badge
Unhappy

Re: Design failure

You have to wonder why they have not segmented their networks with firewalls, both to alert on compromise and minimise the effects if anything were to get in.

What makes you think they haven't? The thing with firewalls is that you always have holes for allowed traffic. And where authorised traffic can pass, so can attackers. In this case, you need some way to push security updates, ticket price changes etc to the ticket machines, and a way for the terminals to report back on how many tickets they've sold / when / where to, how long until the chicken soup nozzle needs cleaning out, etc. Anything the admins can do, the attacker and their malware can do, once they've pwned an admin workstation.

2
1

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2017