UK travel company Go-Ahead Group has confirmed that its operations have been disrupted due to a “cyber incident”, threatening rush hour commuter travel.
Go-Ahead Group operates regional public transport services in the form of buses and is the Capital’s largest bus operator, managing routes on behalf of Transport for London (TfL).
According to wider reports, it’s believed that bus and driver rosters are affected by the incident and an official statement suggested this, with the Group only confirming that “that there is no impact on UK or international rail services which are operating normally”.
“Go-Ahead announces that it is currently managing a cyber security incident after detecting unauthorised activity on its network on Monday 5 September 2022,” the company said.
“Upon becoming aware of the incident, Go-Ahead immediately engaged external forensic specialists and has taken precautionary measures with its IT infrastructure whilst it continues to investigate the nature and extent of the incident and implement its incident response plans.”
Go-Ahead also said the relevant regulators had also been notified, including the UK’s Information Commissioner's Office (ICO), and that it will continue to assess the impact on its operations, providing updates via social media channels.
The company has not indicated the nature of the attack and did not reply to IT Pro’s request for further details.
RELATED RESOURCE
Cyber resiliency and end-user performance
Reduce risk and deliver greater business success with cyber-resilience capabilities
It told The Guardian that it was working with IBM to restore the affected parts of its systems from backups and return to normal service.
In addition to serving London’s bus routes, Go-Ahead also runs bus services throughout the south of England, in the North East and North West, comprising 11% of the nation’s bus market, by its figures.
It also operates several rail services such as Great Northern, Thameslink, Gatwick Express, and Southern - part of the larger Govia Thameslink Railway network - representing 30% of all UK rail services.
Outside of the UK, Go-Ahead operates rail services in Norway and Germany, as well as bus routes in Singapore, Sweden, and Ireland. It’s currently unclear if the bus services outside of the UK are affected by the incident.
The perceived threat to critical services such as transport and energy has increased in recent times and since the Colonial Pipeline attack in the US last year.
In response, the UK government said it would update the Network and Information Systems (NIS) regulations that govern such services to ensure they are all appropriately protected from a cyber security perspective.
-
300 days under the radar: How Volt Typhoon eluded detection in the US electric grid for nearly a yearAnalysis Lengthy OT lifespans give attackers time to penetrate networks underpinning critical infrastructure and plan future disruption
-
The business value of Zscaler Data ProtectionWhitepaper Understand how this tool minimizes the risks related to data loss and other security events
-
Why your business needs zero trustWhitepaper How zero trust can right the wrongs of legacy security architecture
-
Definitive guide to ransomware 2023Whitepaper A guide to help rethink your defence against ransomware threats
-
Why Fulham FC’s geography makes running IT so challengingCase Study Fending off cyber criminals and keeping equipment updated on match days is more difficult than you might think
-
Hardware security and confidential computing in server platformswhitepaper Computing security is central to IT infrastructure transformation
-
Capita cyber attack could cost firm up to $25 million in feesNews Capita’s costs in the wake of a cyber attack could exceed expectations, experts have warned
-
Capita finally admits breach affecting 4% of its servers
News It also allegedly misled the public about when the breach took place
