Metro (WMATA)

A cyberattack took down Metro's website for two hours. Here's what a cybersecurity expert says

"So what they're trying to do is, hackers are trying to flood your network so you can't operate," cybersecurity expert Steve McKeon told us

NBC Universal, Inc.

Metro experienced a cyberattack last week that took down its main website for hours, News4 has learned.

On the evening of May 7, Metro noticed something was wrong. A tweet at 7:51 p.m. stated that Metro's website, WMATA.com, was temporarily down. It then became clear that Metro was going through a cyberattack.

The website wouldn’t be fully restored until about two hours later.

"Last Tuesday, Metro's website experienced a denial-of-service attack," Metro told us in a statement. "None of our customer or employee data was compromised and wmata.com was not breached. Additionally, our services – including the SmarTrip app and mobile transactions – were not impacted."

Havoc and harm is the idea of this kind of hack, a denial-of-service attack, says cybersecurity expert Steve McKeon.

"So what they're trying to do is, hackers are trying to flood your network so you can't operate," McKeon said. "It's like: Try to imagine if you had a hose and you are running water though it. They're putting more water than that those can handle."

"Here's the thing," he said. "They're looking to extract as much value from you as possible. They are going to go in, look around — see where they can find the most value."

Transportation

Reporter Adam Tuss and the News4 team are covering you down on the roads and in transit.

‘Lexus lane'? Express lanes proposed for Beltway in Virginia, Maryland

Metro workers call for more protection after station manager assaulted

Metro says it actually deals with cyberattacks and hacks pretty frequently.

But McKeon says this could be a red flag and Metro should check its IT systems.

"These hackers are pretty clever. So hopefully they don't find anything, but you never even know," McKeon said. "So I think they definitely should take a closer look."

He believes riders' SmarTrip accounts and personal information should be OK after this cyberattack.

Metro officials have notified the Transportation Security Administration (TSA), because the TSA has a vested interest in the cybersecurity of surface and air transportation, they said.

The TSA told us that the Federal Transit Administration and Cybersecurity and Infrastructure Security Agency are also now aware of this cyberattack.

Contact Us