The Port of San Diego issued a statement on Wednesday claiming to have experienced a “serious” cyber-attack.
In the follow-up statement released yesterday, the port claimed that IT systems belonging to the Port of San Diego were infected with a piece of ransomware. Some of the ports systems were compromised as a result of the attack and others were shut down as a precautionary measure.
The port claims it was mainly an administrative issue and no port operations have been impacted by the attack. Park permits, public record requests, and business services are the only public services temporarily unavailable.
A ransom demand was received and payment was requested in the form of Bitcoin, but the amount and whether the ransom was paid was not disclosed.
The Port of Barcelona was also hit by ransomware earlier this month, but it's unclear if the attacks are related in any way. Similar to the Port of San Diego attack, the Port of Barcelona claimed only internal systems were impacted by the attack and that there was no impact on land or seaside operations.
Without continuous monitoring and patch management, systems will continue to be vulnerable and susceptible to attack. Organizations must embrace closed-loop intelligent change control to gain deep visibility into system configurations and spot any unusual activity that could represent a breach.
Attacks on industrial control systems pose an ever-larger threat because these systems run extremely critical services across the U.S., with the potential to impact the electric grid, water systems, and manufacturing plants.