According to San Francisco's Examiner, the municipal light railway system was having to allow passengers to travel free, after their fares machines succumbing to encrypting ransomware on Friday afternoon and going out of service. Workers were greeted with the message "You Hacked, ALL Data Encrypted. Contact For Key(firstname.lastname@example.org)ID:681 ,Enter." appearing across the networks.
Reports suggest a ransom demand of 100 Bitcoins, at current rates approximately equivalent to $73,500, and an investigation is underway. As yet no story has emerged as to how the ransomware found its way into the network, whether it was a lucky happenstance for the criminals or the result of a deliberately targeted attack, or what progress has been made in resolving the lock-out. In the absence of any hard detail it is difficult to draw any lessons or conclusions. The Yandex address suggests that the source of the infection is probably (though by no means guaranteed to be) Russia, and I am moved to make a flippant remark about hoping there is a backup to restore to. I look forward to more detail.