Ransomware infection led to a disruption of camera and physical access control systems, and loss of critical process control monitoring systems.
An infection with the Ryuk ransomware took down a maritime facility for more than 30 hours; the US Coast Guard said in a security bulletin it published before Christmas.
The agency did not reveal the name or the location of the port authority; however, it described the incident as recent.
"Forensic analysis is currently ongoing but the virus, identified as 'Ryuk' ransomware," the US Coast Guard (USCG) said in a security bulletin meant to put other port authorities on alert about future attacks.
Point of entry: phishing email
USCG officials said they believe the point of entry was a malicious email sent to one of the maritime facility's employees.
"Once the embedded malicious link in the email was clicked by an employee, the ransomware allowed for a threat actor to access significant enterprise Information Technology (IT) network files, and encrypt them, preventing the facility's access to critical files," the agency said.
Read the full story.
- 4,000 Marinas
- Thousands of anchorages
- Updated Charts
- Mile-by-Mile Navigation
- Highlighted Alerts & Cautions
- Full-Color Aerial Photographs
The Waterway Guide App Makes it easy to leave reviews, use our explorer, and view waterway guide materials all on the go!
