Cyberattack Disrupts Port of San Diego Operations, Highlighting Ransomware Threats to Shipping Industry
In a recent cybersecurity incident, the Port of San Diego fell victim to a ransomware attack that disrupted key administrative systems. The malware infiltrated the port’s computer network, impacting services such as the issuance of parking permits, public records requests, and general business operations. While the attack did not halt maritime activities or endanger public safety, it underscored the growing vulnerability of critical infrastructure to cyber threats.
The port confirmed that hackers demanded payment in Bitcoin, though the specific malware strain was not disclosed. The FBI and Department of Homeland Security are assisting in the investigation and recovery efforts. This incident follows a broader trend of ransomware targeting shipping and logistics sectors, including last year’s high-profile NotPetya attack on Maersk, which resulted in an estimated $200 million in losses and weeks of operational disruption.
The Port of San Diego, which manages 34 miles of coastline, joins a list of maritime entities affected by cyberattacks, including a brief closure of China Ocean Shipping Company’s Long Beach terminal due to malware. While the port emphasized that normal operations continued, the attack serves as a reminder of the financial and operational risks posed by ransomware to global supply chains.
Source: https://www.bbc.com/news/technology-45677511
A.P. Moller - Maersk cybersecurity rating report: https://www.rankiteo.com/company/maersk-group
{
  "id": "MAE1781271625",
  "linkid": "maersk-group",
  "type": "Ransomware",
  "date": "6/2017",
  "severity": "100",
  "impact": "5",
  "explanation": "Attack threatening the organization's existence"
}
{'affected_entities': [{'industry': 'Maritime/Logistics',
                        'location': 'San Diego, California, USA',
                        'name': 'Port of San Diego',
                        'type': 'Port Authority'}],
 'data_breach': {'data_encryption': 'Yes'},
 'description': 'The Port of San Diego fell victim to a ransomware attack that '
                'disrupted key administrative systems, including the issuance '
                'of parking permits, public records requests, and general '
                'business operations. Maritime activities and public safety '
                'were not affected, but the attack highlighted vulnerabilities '
                'in critical infrastructure.',
 'impact': {'operational_impact': 'Disruption of administrative services',
            'systems_affected': 'Administrative systems (parking permits, '
                                'public records requests, general business '
                                'operations)'},
 'investigation_status': 'Ongoing',
 'lessons_learned': 'The incident underscores the growing vulnerability of '
                    'critical infrastructure to cyber threats, particularly '
                    'ransomware attacks targeting the shipping and logistics '
                    'sectors.',
 'motivation': 'Financial gain',
 'ransomware': {'data_encryption': 'Yes', 'ransom_demanded': 'Yes (Bitcoin)'},
 'references': [{'source': 'Port of San Diego Statement'}],
 'response': {'law_enforcement_notified': 'Yes',
              'third_party_assistance': 'FBI, Department of Homeland Security'},
 'title': 'Ransomware Attack on Port of San Diego',
 'type': 'Ransomware'}