In March 2017, the Port of Vancouver suffered a cyber incident triggered by an attendee’s infected device connecting to the port’s Wi-Fi during a crowded meeting. The malware spread to the network, disrupting a live feed in an overflow room and causing operational interruptions until staff resolved the issue by noon. Following the incident, the port faced hundreds of denial-of-service (DoS) attacks weekly until system adjustments were implemented. While the attack originated internally unlike typical external DoS attempts it primarily caused temporary service disruptions, including degraded live-streaming functionality. No evidence suggested data breaches, financial losses, or long-term reputational harm beyond minor operational delays. The port’s IT team mitigated the immediate impact, but the recurring DoS attacks highlighted vulnerabilities in their network defenses. The incident underscored risks posed by insider-connected devices but did not escalate into broader systemic failures or data compromises.
Source: https://www.columbian.com/news/2017/mar/10/port-of-vancouver-meeting-hindered-by-cyberattack/
TPRM report: https://www.rankiteo.com/company/vancouver-fraser-port-authority
"id": "van429092125",
"linkid": "vancouver-fraser-port-authority",
"type": "Cyber Attack",
"date": "3/2017",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'industry': 'Transportation / Logistics',
'location': 'Vancouver, Canada',
'name': 'Port of Vancouver',
'type': 'Government / Port Authority'}],
'attack_vector': ['Infected device connecting to internal Wi-Fi',
'Internal network propagation'],
'date_detected': '2017-03',
'description': 'In March 2017, the Port of Vancouver was hit by malware and a '
'denial-of-service (DoS) attack. An attendee at a crowded '
'meeting unknowingly had a virus on their computer, which '
'spread to the port’s Wi-Fi network upon connection. This '
'caused disruptions, including issues with a live feed of the '
'meeting in an overflow room. The staff resolved the immediate '
'issue by noon, but the port continued to face hundreds of DoS '
'attacks weekly until adjustments were made to its computer '
'systems. Such attacks were not uncommon for the port, though '
'this incident originated from an internal source.',
'impact': {'downtime': ['Temporary disruption of live feed (resolved by noon)',
'Ongoing DoS attacks until system adjustments were '
'made'],
'operational_impact': ['Disruption of meeting live feed',
'Increased IT workload due to repeated DoS '
'attacks'],
'systems_affected': ['Wi-Fi network',
'Live feed system for overflow room']},
'initial_access_broker': {'entry_point': "Attendee's infected computer "
'connecting to port Wi-Fi'},
'post_incident_analysis': {'corrective_actions': ['Adjustments to computer '
'systems to mitigate DoS '
'attacks',
'Likely improvements to '
'Wi-Fi security (implied)'],
'root_causes': ['Unsecured Wi-Fi access for '
'attendees',
'Lack of endpoint protection for '
'external devices']},
'response': {'containment_measures': ['Isolation of infected device (implied)',
'Adjustments to computer systems to '
'mitigate DoS attacks'],
'incident_response_plan_activated': True,
'recovery_measures': ['Restoration of live feed by noon'],
'remediation_measures': ['System adjustments to prevent '
'recurring DoS attacks']},
'title': 'Malware and DoS Attack on the Port of Vancouver (2017)',
'type': ['Malware', 'Denial-of-Service (DoS)'],
'vulnerability_exploited': ['Unsecured Wi-Fi network',
'Lack of endpoint security for attendee devices']}