The cable car system is long over 700 meters and spans across the Moscow river linking the Luzhniki Olympic Complex to the observation platform on Sparrow Hills.
Two days after Moscow cable car was opened, the servers of the Moscow Ropeway (MKD), the organization that operates the infrastructure was infected with the ransomware and attackers requested the payment in Bitcoin.
The infection occurred on Wednesday, November 28, at around 14:00, local time, according to local news outlets,
“One day after opening to the general public, Moscow’s highly touted first-ever cable car was forced to shut down after a reported cyberattack.” reported The Moscow Times.
“However, a cyberattack forced all passengers to disembark the cable car only two hours after it opened, its operator said on Wednesday.”
A video on the Rossiiskaya Gazeta government daily’s website showed a police officer explaining people waiting in line that the cable car would not reopen “for technical reasons.”
On November 29, experts at MDK removed the malware from its systems and on November 30 the Cable car was resumed.
“Since November 30, 2018, the Moscow Ropeway (MKD) has been operating normally.
On November 29, 2018, the MKD officers diagnosed all the systems that ensure the safe operation of the cableway as part of test activities for the launch of the road.” states the announcement on the MKD website.
Russian police have identified the hacker who carried out the ransomware attack, a criminal case was launched into the hacker attack on the Moscow cable car server.
“The Nikulinsky inter-district prosecutor’s office recognized as lawful and justified the initiation of criminal proceedings by the investigative bodies of the Moscow police under Part 1 of Article 273 of the Criminal Code of the Russian Federation (” Creation, use and distribution of malicious computer programs “) into the cyber attack on the Moscow cableway server,” said the metropolitan prosecutor’s office Lyudmila Nefedova.
In November 2016, another public transport system was infected with ransomware,
This is not the first time that public transportation has been affected by ransomware. In November 2016, hackers crashed the computer system of the San Francisco’s Municipal railway, took offline the ticket kiosks offline and gave riders a free ride for an entire day.