Incident Of The Week: Port Of San Diego Suffers Cyber-Attack

Agency Hit With Breach Similar To Atlanta



Dan Gunderman
09/28/2018

Port of San Diego

In the dynamic world of cyber security, breaches are both tightly guarded and, sadly, imminent.

 Combing through data, market research and threat-defense efforts taken by enterprises can be a daunting task. Here at Cyber Security Hub, we both track the latest industry news and make it more navigable for the IT professional. Cyber Security Hub coverage extends outwards – as it helps enterprises batten down their proverbial hatches.

In this edition of “Incident of the Week,” we examine a recent cyber-attack on the Port of San Diego. The event was reportedly a sophisticated attack that has been likened to the 2018 ransomware offensive on the city of Atlanta.

The attack has reportedly affected the agency’s ability to process permits and records requests, along with other services, according to the San Diego Union-Tribune.

See Related: Incident Of The Week: U.S. State Department Experiences Data Breach

The outlet suggests that the “digital assault” is comparable to the Atlanta incident, where hackers seized control of network devices, disabling critical municipal services (including wireless communications at the Atlanta airport).

The cyber-attack has also impacted the San Diego Harbor Police Department, whose jurisdiction is the port. It is now said to be using “alternative” systems, according to the Union-Tribune.

In a statement, CEO Randa Coniglio said, “The Port of San Diego has experienced a serious cyber security incident that has disrupted the agency’s information technology systems. The Port has mobilized a team of industry experts and local, regional, state and federal partners to minimize impacts and restore system functionality, with priority placed on public safety-related systems.”

See Related: Incident Of The Week: British Airways Breach Leaks 380K Transactions

Technical details of the hack have not been released, but it has been documented that systems began to feel its effects on Tuesday.

The agency, comprised of nearly 600 employees, monitors 34 miles of San Diego Bay waterfront property. It spans five cities and holds 800 businesses, the Union-Tribune notes. Sharon Bernie-Cloward, President of the San Diego Port Tenants Association, told the outlet via email that “so far, no one has been impacted.”

Law enforcement has been made aware of the breach, including the California Office of Emergency Services and the County of San Diego Office of Emergency Services.

The FBI frequently takes on investigations of this sort and has outlined the course of a ransomware attack, from the initial hit to the demand for cryptocurrency, to uncertainty around file decryption. The agency has also indicated that approximately 4,000 computers were infected every hour last year.

Agencies are often targets of cyber-attacks, including attempts to obtain personally identifiable information (PII), intelligence, etc. Further, San Diego also fell victim to a cyber-attack in 2016, as it hosted the Major League Baseball All-Star Game. In that case, a distributed denial-of-service (DDoS) attack slowed computers.

Be sure to return to the Cyber Security Hub for continued editions of the “Incident of the Week.” Recent coverage has tackled the T-Mobile, U.S. State Department and Cosco Shipping breaches, among others!

Check Out: Incident Of The Week: T-Mobile Data Breach Impacts 2M Customers

RECOMMENDED