According to reports from a US Coast Guard, the loss of
critical control monitoring system and physical access control system in one of
the ports is a result of a Ransomware infection.
The Coast guard published a security bulletin shortly before Christmas,
explaining that he Ryuk ransomware infiltrated the Maritime facility for more
than 30 hours. Although the maritime agency gave detailed explanations of the
attack, it did not disclose the location or name of the port authority.
US securities coast Guards put out the information to alert
other port authorities on the attack for a tighter security upgrade.
The USCG officials have revealed that the attackers were able to infiltrate the facility through a phishing mail one of the facility’s employees received. After the employee opened the malicious mail, the ransomware was able to infiltrate and gain access to several areas within the facility. According to the officials, the ransomware sent a threat actor and gain access to the facility’s IT network files. Afterwards, it was able to encrypt the files and block the facility from accessing vital files, USCG officials said.
The bulletin explained how the virus was able to spread
rapidly through the facility’s network. According to USCG, the virus spread
immensely to the important sections of the facility’s IT network. It also
impacted on the industrial control systems responsible for monitoring and
controlling cargo transfer. The virus infiltrated the files, encrypted them and
denied the facility access to those files for more than 30 hours.
The Coast Guard officials revealed that the ransomware
attack caused an imbalance in the whole corporate IT network. It disrupted both
the access control systems and the vital control monitoring protocols within
the network.
As a result of the attack, the port authority had no choice than to shut down the system’s entire IT network for more than a day. According to the coast guard, shutting down was necessary to prevent the ransomware from causing further damage before they could strengthen the security of the facility’s IT network.
Apart from the report on the ransomware attack, the
security bulletin also includes preventive actions to take against future
attacks. The advisory was published on Dec. 16 before other maritime ports
become targets for the Ryuk ransomware attack.
USCG has circulated the report across all maritime ports,
and it’s believed they are well informed about the activities of the
ransomware. The maritime facilities are advised to set up countermeasures as
soon as possible to detect and stay immune to the attack.
In the past, hackers have seen few loopholes in the
networks of port authorities. The networks are seen as easy targets to ransomware attacks.
In September last year, the ports in Barcelona and port in the
US (San Diego) were reportedly attacked with ransomware. The second attack
occurred five days after the first. After findings, it was revealed that the
Ruyk ransomware for responsible for both attacks.
Earlier in July last year, the Long Beach Port was
reportedly attacked by the same ransomware. However, before the attack could
cause damage, it was isolated and eliminated. According to reports at the time,
the attack was isolated at the port terminal of the Chinese shipping
company (COSCO).
And barely a year ago, there was a report by a consortium of 21 shipping associations in December last year, detailing how ransomware and other types of viruses were finding their ways into the networks of ships and ports. According to the report, there were worms, USB malware , ransomware, and other related viruses in some of the exposed port networks.
The increased threats to the port networks have alerted the US Coast Guards, and they have taken notice. Earlier this year, the Maritime Authority started issuing information about possible threats to the network of ships and ports. The Guards are also issuing security warnings not only against physical threats but against piracy and terrorism issues as well.
n1shopcc cardsdumpscom
Categories