The cyberattack against LA Metro has been linked to the Iranian government through investigations connecting the claimed attacker, Ababil of Minab, to Iran-linked infrastructure and activity. The incident caused internal disruptions and involved data theft and destructive actions, including access to systems used to monitor trains. #LAMetro #AbabilofMinab #BlackShadow
Keypoints
- LA Metro suffered a disruptive cyberattack discovered in mid-March.
- The incident caused internal operational disruptions but did not affect rail or bus service.
- Ababil of Minab claimed responsibility and said it wiped data and exfiltrated over 1TB of files.
- Evidence showed access to virtualization, IIS, and train-monitoring OT systems.
- Gambit linked the operation to infrastructure associated with Black Shadow and Iranβs Ministry of Intelligence and Security.
Read More: https://www.securityweek.com/la-metro-cyberattack-linked-to-iranian-state-sponsored-hackers/