Go-Ahead battling cyber-attack
Go-Ahead is currently managing what it describes as a ‘cyber security incident’ after detecting unauthorised activity on its network on Monday 5 September 2022.
On the day the attacks were announced, Go-Ahead subsidiary Go North East reported technical issues. Fellow subsidiary Brighton & Hove reported a number of ‘mechanical issues’ yesterday too, leading to disruptions to services.
Upon becoming aware of the incident, Go-Ahead immediately engaged external forensic specialists and has taken precautionary measures with its IT infrastructure while it continues to investigate the nature and extent of the incident and implement its incident response plans.
Go-Ahead will continue to assess the potential impact of the incident but confirms that there is no impact on UK or International rail services which are operating normally.
As a precaution, Go-Ahead has notified relevant regulators, including the Information Commissioner’s Office in the UK.
“One of the important points of consideration is that no industry or vertical is, or can be assumed safe from cyber-attacks” – Jaavad Malik, KnowBe4
Javvad Malik, lead security awareness advocate at cyber-security specialist KnowBe4, commented on the attack: “Details around the attack are limited at the moment, but it would not be a surprise to anyone if this turns out to be a ransomware attack.
“It does appear that Go-Ahead has an incident response plan in place and external specialists on retainer which should help them recover from the incident quicker.
“One of the important points of consideration is that no industry or vertical is, or can be assumed safe from cyber-attacks. All organisations of all sizes can be potential victims, and with the greater reliance on digital systems, the impact can be huge. Therefore, investing in robust security controls that can protect, detect, and respond to attacks is no longer optional.”