A cybersecurity attach that was recently announced on Tuesday which was happened at the Port of San Diego, September 25, 2018, but the CEO Randa Coniglio announced on September 27, 2018, that the event was actually a ransomware attack on the port, which oversees more than 34 miles of coastline along San Diego Bay.
The port remains open, but the attack has probably leaded the agency’s information technology systems. According to press release, the port is now working with Federal Bureau of Investigation (FBI) and the Department of Homeland Security (DHS) on the investigation and remains in close communication and coordination with the U.S Coast Guard.
The normal port operations are yet continued while the attack on the network systems occurred. “Public safety operations are ongoing, and ships and the boats are continuing to access the bay without even any impact from the cybersecurity incident. While some of these port’s information technology systems were for sure compromised by this incident, port staff also proactively shut down other systems out of an abundance of caution,” Coniglio continued.
This attack has causes several temporary impacts on some of the public services, which do includes the park permits, public records requests, and the business services. A ransom note demanded payment in Bitcoin, while the port has not disclosed the amount request by the cybercriminals. No other information is yet available whether the port has paid the ransom or has retrieved access to any of these encrypted files is available at this time.
“The port of San Diego malware infiltration and subsequent ransomware demand is just the latest example of a local government entity (and critical infrastructure) being disrupted by ransomware, rendering employees unable to access enterprise applications and do their job,” said Sherban Naum, senior via president for corporation strategy and technology at Bromium.
“Unfortunately, it’s no longer a case of if a breach will occur, but when, and how quickly federal agencies can get systems back up and running. Government — whether local, state or federal — needs to stop playing catch up and supplement layered defenses with virtualization, protecting by design by isolating threats in a virtual environment. Only by isolating undetectable threats as the part of life and limiting the damage and profits that can made by them will we start to see the tide turn. This will keep employees productive and prevent ransomware from putting the organizations at risk on the stormy seas of the threat environment.”