A personal computer located in Russia was used earlier this year to hack into the Metro transportation agency’s computer network after repeated warnings that cybersecurity flaws left the agency’s systems vulnerable.
This was reported in the Inspector General’s report, released on Wednesday.
An unauthorized entry into Metro’s cloud system from a computer belonging to a former software vendor in January caught the attention of Metro’s Office of Inspector General (OIG).
Oversight agencies have been warning Metro about security issues for months.
The Inspector General’s report discusses factors that officials believe could threaten train safety.
The country’s third-largest transport system is under threat, responsible for transporting more than 600,000 people a day through the capital.
Metro’s security and audit teams found no indication that anything from the hacked system was copied to the Russian computer, the report notes.
Metro Chief Information Officer Torrey T. Martin and Chief Audit and Risk Officer Elizabeth Sullivan said Metro hired a Microsoft team to investigate the breach and make recommendations for improvement.
Federal cybersecurity experts are seeing an increase in the number of cyberattacks originating from Russia.
On May 9, the Cybersecurity and Infrastructure Protection Agency (CISA) warned businesses and institutions to protect themselves from a cyber espionage tool called Snake, developed by the FSB to gather intelligence on government networks. The malware has been detected in 50 countries, CISA said.
Read the Ukraine War News Latest Today on The Eastern Herald.