The last week of September has seen a port attack –– reminiscing the COSCO attack earlier in 2018. This time the attack was targeted at the Port of San Diego.
Initial news reports have revealed that the inside information indicates the attack to be associated with a ransomware; thus, it is expected that the ransomware removal processes may have already been started.
Some experts have already drawn parallels to Atlanta’s ransomware attack in March. In that attack, public systems were compromised and people were unable to process their traffic tickets and utility bills. Cybercriminals had also triumphed to cripple the communications in the local airport.
Currently, investigations for the cyberthreat’s identification, restoration, and any possible ransomware removal are undergoing. The systems that have been attacked manage park permits as well as other business processes.
In the current attack, the San Diego Harbor Police Department has also been identified as a victim. The department is currently utilizing its backup systems for operations.
So far, there has not been any disclosure about how the cyberthreat succeeded in the invasion or any other detailed information of the cyberthreat. However, it has been determined that the initial reports of the attack started emerging on Tuesday.
This is not San Diego’s first bout with a ransomware attack. Two years back, international cybercriminals planned and attacked city’s computers when the Major League Baseball All-Star Game aired. The mode of action was DDoS in that attack where hackers repeatedly sent requests to the city’s computers.
As a result, significant loss of performance was experienced due to diminished levels of speed. However, hackers were not successful in permanently blocking or stealing any data. It was reported by the city’s IT leadership that the city faces more than a million cyber threats in a single day.