Senators Chuck Schumer (D-NY) and Kirsten Gillibrand (D-NY) have called for a $500 million increase in funding for the Cybersecurity and Infrastructure Security Agency’s (CISA) in the wake of a recent network breach of New York’s Metropolitan Transit Authority (MTA).
The attack, which was not disclosed publicly, occurred in April 2021. Hackers allegedly backed by the Chinese government are said to have carried out the operation. The crew reportedly penetrated at least three of the agency’s 18 databases, reports said. None of New York’s transportation systems were affected and no riders were at risk, the New York Times reported. According to MTA officials, the attack did not compromise customers’ personal data. At this point, it is not clear why the hacking crew targeted the MTA.
“The veritable darts keep piling up to prove there is a cyber-bulls eye smack on the MTA and other mass transit systems that the feds must better shield, and part of the way to do this involves the upcoming federal budget, where the chance to boost the MTA’s cybersecurity protections will be a major priority,” Schumer said.
CISA and Cyberattack Risk Mitigation
Thousands of cybersecurity professionals and MSSP employees depend on the CISA alerts, which frequently include vulnerability details, patch information, breach notifications and best practices to help mitigate cyber risks.
The senators said the extra CISA funding could help keep hackers from breaching public computer systems, including the MTA. More than $2 billion in discretionary funding allocated to CISA is line-itemed in President Biden’s FY 2022 proposed budget request sent to Congress. The CISA discretionary request amounts to a $110 million increase from the 2021 enacted level. Two Congressional lawmakers are urging the House Appropriations Committee to allocate at least $400 million more to CISA’s budget for FY 2022.
Schumer said he is initiating a government-wide review of recent high-profile cyber attacks on government agencies and private sector entities to determine if legislation is needed to “counter the threat of cyber crime and bring the fight to the cyber criminals," he said.
Cyberattacks Target U.S. Agencies and Infrastructure
The attack on the MTA is among a number of offensives launched by state-backed cyber groups tied to China and Russia. U.S. law enforcement has linked the Russia-based DarkSide hacking crew to the forced shutdown of the Colonial Pipeline network; the massive SolarWinds Orion attack has also been connected to Russian operatives; and, a China-based hacking group is suspected in the Microsoft Exchange Server Hafnium email hack.
In 2016, the ticketing system of San Francisco’s Municipal Transportation Agency was hit by hackers, forcing the agency to shut down operations for three days. In 2019, a ransomwre hack on the Fort Worth, Texas transportation network caused operators to lose access to IT systems, data and customer support and other services. And, in October 2020, ransomware hijackers blocked email access to parts of the Philadelphia, Pennsylvania transit authority’s operations for months.