A few days ago the Port of Barcelona was hit by a cyber attack that caused several problems to the critical infrastructure, now another major international port was targeted by attackers.
The second attack was reported on September 25 and hit the Port of San Diego, in the United States.
Several computers at the Port of San Diego were infected with a ransomware, the incident impacted the processing park permits and record requests, along with other operations.
According to the officials, the ordinary operations, including ship access and public safety, have not been affected by the cyber attack.
“The Port of San Diego has experienced a serious cybersecurity incident that has disrupted the agency’s information technology systems. The Port first received reports of the disruption on Tuesday, September 25, 2018. The Port has mobilized a team of industry experts and local, regional, state and federal partners to minimize impacts and restore system functionality, with priority placed on public safety-related systems. The Harbor Police Department has alternative systems and procedures in place to minimize impacts to public safety.” said Randa Coniglio, Chief Executive Officer for the Port of San Diego in a statement published on the site of the port the day after the attack.
“Additionally, we have reported this disruption to the California Office of Emergency Services (Cal OES) and the County of San Diego Office of Emergency Services. Port employees are currently at work but have limited functionality, which may have temporary impacts on service to the public, especially in the areas of park permits, public records requests, and business services. No further information is available at this time; updates will be provided as information is available,” said Port of San Diego CEO Randa Coniglio.”
The operator at the port promptly reported to the California Office of Emergency Services and the County of San Diego Office of Emergency Services. Feds and the Department of Homeland Security launched an investigation into the attack.
In July the China Ocean Shipping Co. Terminal at the Port of Long Beach was hit by a cyber attack, according to COSCO a “local network breakdown” disrupted some systems in the United States.
Clearly, the series of “disruptive” cyber-attacks reported by three ports raises the discussion about the level of security of this kind of infrastructure.
Port authorities are privileged targets for hackers and they are often easy to attack.
The fear is that a threat actor is focusing his efforts against port worldwide.
(Security Affairs – Pangu iOS 12 jailbreak, hacking)