[BreachExchange] Port of San Diego hit by ‘ransomware’ cyberattack
Destry Winant
destry at riskbasedsecurity.com
Thu Sep 27 16:11:43 EDT 2018
https://fox5sandiego.com/2018/09/27/port-of-san-diego-hit-by-ransomware-cyberattack/
SAN DIEGO – One or more computer systems at the Port of San Diego have
been disrupted by a sophisticated cyberattack involving ransomware,
Port officials revealed Thursday.
The attack was first reported to Port officials on Tuesday, according
to a statement from the Port.
“The Port of San Diego continues to investigate a serious
cybersecurity incident that has disrupted the agency’s information
technology systems, and the Port’s investigation so far has determined
that ransomware was involved in this attack,” said Port of San Diego
CEO Randa Coniglio in a written statement. “The Port has mobilized a
team of industry experts and local, regional, state and federal
partners to minimize impacts and restore system functionality, with
priority placed on public safety-related systems.”
The team working on the attack was still trying to determine the
timing of the attack and the amount of damage to the Port’s
information systems, Coniglio said. It has affected systems used by
both the Harbor Police and computers used by other Port employees, he
added.
The Port did not release other details about the attack, but security
analysts told the San Diego Union-Tribune that the attack has
similarities to a ransomware attack against the city of Atlanta in
March. In that attack, criminals were able to shut down key services,
including wireless communications at the Atlanta airport and demanded
bitcoins to restore access to the computer systems.
The attack has been reported to the California Office of Emergency
Services and the County of San Diego Office of Emergency Services,
Port officials said.
More information about the BreachExchange
mailing list