The Port of San Diego was hit by a ransomware cyber-attack last week, with hackers demanding payment in Bitcoin.
The Port of San Diego was hit by a ransomware cyber-attack last week and the Federal Bureau of Investigation (FBI) and the Department of Homeland Security (DHS) are now investigating.
The incident was first reported on September 25, 2018. The Port says the ransomware attack has disrupted the agency’s IT systems but that the situation is "mainly an administrative issue". Normal Port operations are continuing as usual.
“The Port remains open, public safety operations are ongoing, and ships and boats continue to access the Bay without impacts from the cybersecurity incident,” a statement from the Port said.
The statement adds: “While some of the Port’s information technology systems were compromised by the attack, Port staff also proactively shut down other systems out of an abundance of caution.”
The Port has confirmed that the ransom note requested payment in Bitcoin, although the amount that was requested is not being disclosed.
A ransom note requested payment for an undisclosed amount in Bitcoin.
Port of San Diego CEO, Randa Coniglio, said: “The Port has mobilised a team of industry experts and local, regional, state and federal partners to minimise impacts and restore system functionality.
“The temporary impacts on service to the public are in the areas of park permits, public records requests, and business services.”
Cyber-attacks are a growing concern as infrastructure becomes more connected.
In 2015, Cesar Cerrudo, a professional hacker and CTO of IOActive Labs, published a whitepaper which warned that cities are “wide open” to cyber-attacks and that the more technology cities use, the more vulnerable they are.
In August, researchers from cyber-security specialist Threatcare and IBM X-Force Red, an autonomous group within IBM Security, revealed they had found 17 vulnerabilities in sensor and control devices deployed in cities around the world, eight of which they described as critical in severity.
In the light of the cyber-attacks we have seen since his research in 2015, Cesar Cerrudo recently warned that “the worst is yet to come” and “soon, everyone living in a city may suffer the consequences of cyber-attacks in some capacity.”
Cesar Cerrudo warns that “soon, everyone living in a city may suffer the consequences of cyber-attacks in some capacity.”
Reported incidents include the infiltration of Ukraine’s power grid, a ransomware attack on San Francisco’s Municipal Railway, the hacking of a water treatment plant at an undisclosed location (including the manipulation of systems that control the level of chemicals used to treat tap water), and more.
In March this year, the City of Atlanta suffered a large-scale SamSam ransomware cyber-attack which impacted around 119 applications to various degrees, putting many of them temporarily offline.
Last month, the City’s CIO and Director of Emergency Preparedness talked to SmartCitiesWorld about the attack, the takeaways for other cities and the next steps.