Ryuk ransomware continues to infect systems worldwide: the U.S. Coast Guard (USCG) announced that the malware took down the corporate IT network of a Maritime Transportation Security Act (MTSA) regulated facility.
“The purpose of this bulletin is to inform the maritime community of a recent incident involving a ransomware intrusion at a Maritime Transportation Security Act (MTSA) regulated facility,” reads the Marine Safety Information Bulletin. “Forensic analysis is currently ongoing
According to the USCG, the attack vector was likely a phishing email sent to the operators
“Once the embedded malicious link in the email was clicked by an employee, the ransomware allowed for a threat actor to access significant enterprise Information Technology (IT) network files, and encrypt them, preventing the facility’s access to critical files,” continues the USCG.
The Ryuk ransomware also infected the industrial control systems that monitor and control cargo transfer and encrypted files critical to process operations. The malware disrupted the entire corporate IT network, including camera and physical access control systems. The company was forced to shut down the primary operations of the facility for over 30 hours.
The USCG recommends the implementation of a set of security measures to protect the MTSA facility and reduce recovery time in case of an incident:
The Ryuk ransomware was involved in a long string of attacks targeting cities, hospitals, and organizations worldwide.
In September, the city of New Bedford was infected with Ryuk ransomware but did not pay the $5.3M ransom. In April, systems at Stuart City were infected by the same ransomware. In early March, Jackson County, Georgia, was hit by the same ransomware, which paralyzed government activity until officials decided to pay a $400,000 ransom to decrypt the files.
Recently the Ryuk ransomware was involved in the attacks against the city of New Orleans.