“The Port can also now confirm that the ransom note requested payment in Bitcoin, although the amount that was requested is not being disclosed”
The Port of San Diego in Southern California has been hit by a ransomware attack that affected a range of administrative systems, but did not impact cargo operations at the port, which handles over 2.5 million metric revenue tonnes of cargo yearly.
Port authorities have confirmed the ransomware attack and said that the hackers have request a Bitcoin payment to release the Port’s systems, without specifying the sum. The attack has affected IT systems and they are unsure of the extent of the damage.
The Port’s CEO Randa Coniglio said in a public statement: “The Port remains open, public safety operations are ongoing, and ships and boats continue to access the Bay without impacts from the cybersecurity incident. While some of the Port’s information technology systems were compromised by the attack, Port staff also proactively shut down other systems out of an abundance of caution.”
Port of San Diego Designated “Strategic Port” by Department of Defense
Designated one of 17 “strategic ports” by the Maritime Administration and the Department of Defense, San Diego is home to the largest naval complex in the world, and contains the US West Coast’s only full service shipyard, and two ship repair yards.
Homeland Security and the FBI are involved in the investigation.
Port authorities have also contracted cybersecurity experts from across industry and state agencies to tackle the problem, with an emphasis on restoring system functionality in public safety related systems.
Port of San Diego
Operating since 1962 the Port of San Diego is California’s fourth largest port.
It comprises two maritime cargo terminals, two cruise ship terminals and the Harbour Police Department, it is also in charge of an extensive commercial waterfront. The Port administration deals with hundreds of tenant and business leases as the waterfront contains 17 hotels and 74 restaurants.
Unfortunately it is these business that are affected by the cyber-attack.
In a second update on the developing situation Mr Coniglio stated that the: “Port employees continue to have limited functionality which may have temporary impacts on service to the public, especially in the areas of park permits, public records requests, and business services.”
“The Harbour Police Department continues to use alternative systems and procedures in place to minimize impacts to public safety,” he noted.
Ransomware attacks on Port administrations is a costly event. At the beginning of this year the City of Atlanta was the subject of a ransomware attack using the malware SamSam. The attacks sought $50,000 worth of Bitcoin.
While it is unknown if the city paid the ransomware it has been documented that the attack cost the city $2.6 million in incident response and digital forensics. This is not including any revenue lost while certain administration functions such as permit granting and parking meters were not in operation.