TfL cyber security breach could have brought London to a standstill, says software security expert

by Kevin Borras

TfL is still in the midst of dealing with a “cybersecurity incident” that has disrupted operations at its corporate headquarters.

News of the incident broke yesterday evening, with TfL issuing a statement confirming the situation: “We are currently dealing with an ongoing cybersecurity incident. The security of our systems and customer data is very important to us, and we have taken immediate action to prevent any further access to our systems.”

Telecoms Tech News reports that while the exact nature of the incident remains undisclosed, experts like Andrew Brown, Software Security Expert at Propel Tech, believe this incident serves as a stark warning: “The TfL cybersecurity incident (they are currently sharing very little information about it – and rightly so) should be viewed as a sizeable near miss in the realm of cybersecurity.”

Brown highlights the attractiveness of such infrastructure to malicious actors: “It serves as a reminder for organisations in charge of mass transit, both in the UK and further afield, just how much of a lucrative target this type of infrastructure is for bad actors.”

TfL assured the public that it is “working closely with the relevant government agencies to respond” and will provide updates as the situation develops.

Shashi Verma, Chief Technology Officer at TfL, said: “We have introduced a number of measures to our internal systems to deal with an ongoing cybersecurity incident. Although we’ll need to complete our full assessment, at present, there is currently no evidence that any customer data has been compromised.”

Verma confirmed that “there is currently no impact to TfL services” and highlighted their collaborative efforts with national security bodies: “We are working closely with the National Crime Agency and the National Cyber Security Centre to respond to the incident.”

However, Brown warns against complacency: “It seems those in charge of cybersecurity at TfL have managed to get ahead of this with a rapid response, protecting both consumer data and ensuring zero disruptions to users—an impressive feat. However, just because they’ve thwarted it this time doesn’t mean they can get complacent.”

“The fact that their backroom systems were targeted highlights vulnerabilities that could have had far-reaching consequences. A successful breach could have led to a disruption in service – the tube alone reached four million journeys a day at the end of last year – that could’ve brought the city to a standstill this morning, not to mention data breaches on a massive scale.”

(Pic – Presiyan Panayotov/Dreamstime)

TfL cyber security breach could have brought London to a standstill, says software security expert

Related Stories

Give Kent residents Silvertown Tunnel concessions, says Dartford MP

For whom the toll tolls: Are motorists set to be charged for using the Rotherhithe tunnel?

WJ Group launches new control centre

TfL selects Global and JCDecaux to manage its advertising contracts

Popular this month

A9 road safety to benefit from new road marking and solar road studs

Jet Plant Hire launches groundbreaking ‘Jet School’ to train future generation of road planer operators

The strong arm of the lawn: Dartford Bridge shut as man attempts to cross it on mower

Norfolk set for 11 weeks of A11 disruption

Hundreds sign up to learn more about Graduated Driving Licences from TRL webinar

Slowing demand for EVs “forcing manufacturers to ration petrol models”

Active travel projects in Scotland “shelved”

Derbyshire launches new road repair material trial

Highways News Alerts

subscribe now

HIGHWAYS... DAILY