In April, New York’s subway authority was hacked by a group of cybercriminals with suspected Chinese government connections. The authority is responsible for operating all of New York’s train and bus systems and the attack exposed vulnerabilities in the services used by millions every day.

Fortunately, the authority operates a multi-layered security system which reportedly prevented the attack from spreading to other related systems. It’s been reported that the attack didn’t compromise any personal information of customers or employees and didn’t involve any ransom or demands.

It’s still not clear why the authority was targeted, but reports in the New York Times have suggested two theories: (1) that the motivation for the attack could have been related to China’s rail car production industry and gaining an understanding of the authority’s tendering process / contract awarding system; (2) seemingly unlikely, that the hackers simply entered the system by accident and when they found it was of little interest, left without taking any action.

This is just one in dozens of attacks on US critical infrastructure this year. In May, the American Colonial Pipeline Company was hacked which you find out more about in our blog here. These kinds of attacks are becoming more and more prevalent and both public and private organisations need to protect themselves; and as can be seen with the FBI’s response to that hack, governments whose resident companies are being attacked are also becoming increasingly responsive and sophisticated in their responses as they seek to coordinate the collective defences.