The sophisticated ransomware attack cut off access to many business services, forcing the Harbor Police to switch to alternative systems.
(TNS) — The Port of San Diego said Wednesday it is investigating a highly sophisticated cybersecurity threat to its technology systems that is currently affecting the public agency’s ability to process park permits and records requests, and perform other business services.
The digital assault is similar, in some ways, to a ransomware attack that was launched against the city of Atlanta in March, security analysts say. The hackers were able to shut down many services, including people’s ability to pay traffic tickets and water bills. The attackers — who sought bitcoins as ransom — also temporarily knocked out wireless communications at the Atlanta airport.
The San Diego Harbor Police Department, the law enforcement arm of the Port, is also affected by the attack and is said to be using alternative technology systems.
“The Port of San Diego has experienced a serious cybersecurity incident that has disrupted the agency's information technology systems,” CEO Randa Coniglio said in a statement. “The Port has mobilized a team of industry experts and local, regional, state and federal partners to minimize impacts and restore system functionality, with priority placed on public safety-related systems.”
Established in 1962, the port is a self-funded agency with 569 employees that oversees 34 miles of San Diego Bay waterfront property. It plays an integral role in public safety with its connection to the Harbor Police, and its operation of cargo and cruise terminals. The district spans five cities and houses 800 businesses, with tenants such as General Dynamics-NASSCO, the last major shipbuilder on the West Coast. The company is currently building and repairing American warships.
The agency did not disclose the exact nature of the breach or provide any details, except to note that it first received reports of a disruption on Tuesday. Its impact is also unclear, though port tenants don’t appear to be affected by the breach.
“So far, no one has been impacted,” Sharon Bernie-Cloward, president of the San Diego Port Tenants Association, said when reached via email.
The incident has been reported to the California Office of Emergency Services and the County of San Diego Office of Emergency Services, port officials said.
Harbor Police and the Federal Bureau of Investigation declined to comment for this story. However, the FBI is frequently involved in investigating attacks of this kind, security analysts say. The U.S. Department of Homeland Security also might be involved.
The city of San Diego has the technical expertise to help deal with such an attack, and is deeply familiar with ransomeware — a type of malicious software that can freeze a person’s computer operating system. The person then receives a demand for ransom in return for returning the computer to normal. The FBI says hackers sometimes simply take the ransom and don’t unlock the computers. The agency said last year that about 4,000 computers per hour are infected every hour of the day.
Public agencies are frequent targets of cyberattacks.
In the summer of 2016, foreign hackers tried and failed to disrupt San Diego’s large computer system during the Major League Baseball All-Star Game. In that case, the hackers flooded the city’s computers with data requests in a so-called Distributed Denial of Service attack. The attack slowed city computers but did not affect police services.
At the time, the city’s chief information security officer said its computers are subjected to hacking attempts about 1 million times per day, most of which are low-level efforts carried out by automated software.
©2018 The San Diego Union-Tribune Distributed by Tribune Content Agency, LLC.