The Port Of San Diego Hit With Ransomware, Cyber Attackers Demand Bitcoin
The Port of San Diego has announced that it has suffered a ransomware attack which has affected its IT systems, and the attackers are demanding Bitcoin to decrypt the files.
The Port of San Diego has announced that it has suffered a ransomware attack which has affected its IT systems and that the attackers are demanding Bitcoin to decrypt the files.
Port of San Diego hit with ransomware
In a statement issued this week, the port’s authorities announced that the cyber-attack has affected its administrative functions including parking permits, public records requests, and business services.
According to Randa Coniglio, the Chief Executive Officer of the San Diego Port Authority, the attackers are demanding to be paid in Bitcoin before they can decrypt the files in the computer systems of the seaport.
Although revealing the demands of the perpetrators, Coniglio did not mention how much of the digital asset they requested:
“As previously stated, the investigation has detected that ransomware was used in this attack. The Port can also now confirm that the ransom note requested payment in Bitcoin, although the amount that was requested is not being disclosed.”
Investigations are ongoing
On September 27, the Port of San Diego announced that the FBI and Department of Homeland Security are investigating the source of the ransomware that disrupted the port’s information technology systems.
Following the security breach, Randa Coniglio stated that staff members of the port shut down other systems as a precautionary measure.
Coniglio noted that only a few operations at the port whose IT systems handles nearly three million tons of cargo have been disrupted. Coniglio stated that:
“The temporary impacts on service to the public are in the areas of park permits, public records requests, and business services,”
According to the report, the port is also closely communicating and coordinating with the U.S. Coast Guard to find a solution to the problem.
The port’s authorities have stated that the attack has not interfered with normal seaport operations, with the bay still open to ships and boats.
Ransomware is still lucrative
Although a recent survey conducted by Kaspersky Labs suggests that cybercriminals are transitioning from ransomware attacks to crypto-jacking malware, incidents of ransomware are still common.
This month, Kaspersky Labs reported that:
“The total number of users who encountered ransomware fell by almost 30%, from 2,581,026 in 2016-2017 to 1,811,937 in 2017-2018.”
In a separate, unrelated attack, the Port of Barcelona announced last week that its capability to handle the delivery and reception of goods could be somewhat hampered following a cyber attack.
Last year, the “NotPetya” attack on Maersk and APM Terminals demanded payment in Bitcoin, as is typical for most ransomware attacks.
Earlier this month, Midland, a Canadian town revealed that it had paid ransom in Bitcoin in order to obtain the decryption key from hackers who had breached its computer network.
In a similar incident, the servers of the Professional Golfers Association (PGA) of America were last month breached by hackers who encrypted files consisting mostly of creative materials, demanding payment in Bitcoin.
Defying all odds, the golfing body indicated that it would not pay the ransom. While some ransomware creators may encounter resistance similar to the PGA, most rely on the value of the data being worth more to the victim than the Bitcoin being demanded.