Transport for London cyber incident: Researcher reacts

Cyber tunnel

Image: Getty

Andrew Peck, a cyber resilience PhD researcher at º¬Ðß²ÝÊÓƵ who, prior to joining the institute, had a career delivering IT solutions to big industry, healthcare and government, shares his thoughts on the ongoing Transport for London (TfL) cyber security incident.

“There is a lot of commentary on the ongoing cyber incident involving TfL, in part because everyone with a TfL account received an email yesterday informing them of the incident and reassuring them that their personal data is safe”, said Andrew.

“This is not a bad thing; so far TfL have been exemplary in how they're responding to this. They're exceeding their legal obligations – they have to tell people when their data is compromised, but there's no legal obligation to put their minds at rest – and keeping their operations running.

“They are also collaborating with experts from the National Crime Agency and National Cyber Security Centre to ensure evidence that may lead to prosecution is collected in a timely fashion.

“Those responsible for the cyber attack are probably quite nervous right now as they have clearly failed to achieve their objectives.”

What are the suspected objectives of this cyber attack?

“A cyber attack is successful when the something of value is extracted - such as customer or financial data - or when systems are successfully compromised to cause an effect in the real world", explains Andrew.

"Those responsible for cyber attacks also benefit if they are able to claim an attack that is particularly successful, embarrassing, or high profile.

“The timing of this attack is worth noting. It is the first week back at school after the holidays, and Parliament returns for their new term – the intent could have been to grind the capital to a halt during a very busy week.

“However, instead, what's been delivered is a worked example of exactly how to respond to this kind of attack, and how critical systems should be resilient against this kind of attack by sensibly keeping operational systems, customer data, and back-office systems in separate digital enclaves.”

How can future transport cyber incidents be prevented?

“The resilience of critical transport systems is something the Government is clearly taking seriously, and the Department for Transport (DfT) is currently funding future digital twins projects for cyber response.

"This involves working with top researchers and organisations, like TfL, to build systems that can model, predict, and respond to crises in real time.

“Such systems will allow emergency services and transport planners to keep the wheels turning, no matter what challenges arise."