Unknown ransomware operators have crippled taxiing services in Gangwon-do, South Korea, freezing transportation, including taxis serving disabled citizens, in multiple counties across the vast province.
Gangwon is a mountainous, forested province in northeast South Korea, with its capital at Chuncheon. Its northern boundary is the Military Demarcation Line, separating it from North Korea’s Kangwŏn Province.
Local news outlet etnews.com reports that a company operating a ‘call taxi system’ in most cities and counties in Gangwon-do was struck by ransomware, “and call taxi calls through smartphone apps were blocked,” reads the Google-translated story.
Citizens were forced to use landline numbers to order rides, while service to clients simply stopped in some areas.
“In the case of Chuncheon, dispatches are made using other programs, but in other cities and counties, the store will be closed,” said a taxi driver in the Chuncheon area.
In the Busan area, taxi services for disabled citizens were also affected. With their servers affected by the hack, orders are now “manually switched and operated, so dispatching is significantly delayed.” Because of the inconvenience, the city is giving disabled citizens a 65% discount on rides.
One of the affected taxi companies in the Busan area told reporters that their servers were struck by ransomware “by an overseas hacking organization around 2 am on the 17th, and all centers and backup servers in service were infected [and] stopped.”
“In this regard, immediately after infection, we confirmed that it was a new type of ransomware through the Korean Ransomware Recovery Center, and contacted the hacker in the early morning of the 18th for an urgent solution and contacted the hacker to restore the backup server,” the company explained.
The firm immediately paid the ransom and received the decryption key hours later. At the moment, IT experts are carrying out emergency recovery procedures. Recovery is expected to take up to three days.