Hackers have targeted the Port of San Diego in a ransomware attack that disrupted the agency’s IT systems.
Officials are working with the FBI and the Department of Homeland Security to investigate what is described as a “serious cybersecurity incident.”
“It is important to note that this is mainly an administrative issue and normal Port operations are continuing as usual,” said Port of San Diego CEO Randa Coniglio, in a statement released Thursday.
The Port remains open, public safety operations are ongoing, and ships and boats continue to access San Diego Bay without any impact from the incident, she explained.
The attack was first reported Tuesday. “While some of the Port’s information technology systems were compromised by the attack, Port staff also proactively shut down other systems out of an abundance of caution,” Coniglio said. “The Port has mobilized a team of industry experts and local, regional, state and federal partners to minimize impacts and restore system functionality. The temporary impacts on service to the public are in the areas of park permits, public records requests, and business services.”
In ransomware attacks, hackers often attempt to encrypt a computer network’s data to hold it “hostage,” providing a digital decryption key to unlock it for a price.
On Thursday the Port confirmed it received a ransom note requesting payment in Bitcoin, but is not disclosing the amount requested.
The incident is the latest in a series of ransomware attacks against U.S. targets.
An Alaskan borough, for example, had to dust off its typewriters following a major ransomware attack.
Earlier this year, the City of Atlanta was targeted in a ransomware attack that impacted a number of its systems. A virulent form of ransomware known as SamSam was used against the City.
Last year, a major ransomware attack forced the shutdown of a host of IT systems at Mecklenburg County, North Carolina.
Also in 2017, a hacker targeted Sacramento Regional Transit, deleting 30 million files in a ransomware attack. Officials worked to restore the data from backup files.
In 2016, a Los Angeles hospital paid a ransom of nearly $17,000 in bitcoins to hackers who infiltrated and disabled its computer network.
Set against this backdrop, organizations need visibility into the ransomware threat, according to Barry Shteiman, VP of research and innovation at cybersecurity specialist Exabeam.
“To detect ransomware early enough to stop it, cybersecurity teams must understand the business models used by ransomware network operators, as well as have visibility into the kill chain of a ransomware attack, and how to detect and disrupt ransomware in corporate environments,” he said in a statement emailed to Fox News Thursday. “Armed with this information, analysts should be able to react faster in the unfortunate event their organization is hit with a ransomware infection.”
The Associated Press contributed to this article.
Follow James Rogers on Twitter @jamesjrogers