TfL cyberattack bites into profits with 30 million spent on recovery

Date:
Fri, 06 Dec 2024 11:00:00 +0000

Description:
Transport for London was hit with a cyberattack early September.

FULL STORY

To address the cyber attack Transport for London (TfL) suffered in September
this year, the organization has had to spend around 30 million (roughly $38
million), it was confirmed. 

This was the first time TfL tried to estimate the financial cost of the
cyberattack , The Standard writes in its report, adding that more data will 
be available in the coming weeks. 

In early September, the local government body responsible for managing the
transportation system in Greater London reported suffering a cyber-incident,
and a few weeks later, a teenager was arrested.

No insurance 

A subsequent investigation determined that certain customer data was accessed
and stolen, possibly including bank account numbers and sort codes. 

A spokesperson to the organization was cited saying that its still too early
to determine the full financial impact of the attack, since there are a range
of costs associated with managing and mitigating the cyber incident, on which
TfL has already spent around 5m. That, The Standard further clarifies,
includes external support - third-party cybersecurity organizations that help
respond and remedy the attack. There are also costs associated with delays to
some projects as well as costs that ensured we could keep London moving while
we dealt with the incident. 

TfL is still working on restoring its back office, it was said, and has
recently started accepting applications for concessionary fares. To make
matters worse, the organization was not insured against cyber-attacks since,
as the publication cites, such risk is borderline uninsurable. 

Every single penny that weve needed to divert to responding to the cyber
incident is a penny we cannot use for the benefit of customers and the 
benefit of improving services around London, TfL chief finance officer Rachel
McLean allegedly told the board. 

The 5m already spent has been funded out of TfLs central contingency budget
and we are doing everything we can to mitigate the impact and reduce the 
final cost. 

Due to their importance, safeguarding critical national infrastructure is
vital to maintain order and prevent potential disasters caused by threats 
such as cyber-attacks, commented Spencer Starkey, Executive VP of EMEA at
cybersecurity pros SonicWall. 

Ensuring the cybersecurity of critical national infrastructure requires a
comprehensive and ongoing effort. The ramifications of an attack and ensuing
outage on CNI can be disastrous and it's important to place the utmost amount
of time, money and efforts on securing them. 

Starkey called for constant communication and cooperation, as teamwork 
between private and public sectors, and imposing strict punishment, is the
best way to protect critical infrastructure. 

 Via The Standard

======================================================================
Link to news story:
https://www.techradar.com/pro/security/tfl-cyberattack-bites-into-profits-with
-gbp30-million-spent-on-recovery

$$
--- SBBSecho 3.20-Linux