In line with an alarming trend of cyber attacks against ports in the last few years, the Port of Kennewick in Washington announced it suffered a digital ransomware attack in its systems. As informed, cyber criminals placed an extremely sophisticated encryption lock on the port’s server and demanded $200,000 in ransom to restore access to the port’s servers and files.
This was a differentiated cyber-attack with sophisticated, military-grade encryption focused on locking the port’s servers and holding those servers hostage to leverage a ransom,
…the port said.
However, the port confirmed that no individual data has been compromised, as the virus focused on locking the port servers instead of accessing data or information located within those servers.
Port of Kennewick staff has reported the ransom threat to the FBI and have been in contact with both their Richland and Seattle offices; and staff reached out to the Washington State Office of Cyber Security as well. According to these agencies, this variant of ransomware virus has no known decoder.
The port, following direction from the FBI and our technology professionals, will not pay a ransom as it would be using public funds and there is no guarantee an encryption key would be received after payment,
…the port further informed.
Instead, the port’s technology team is working with the FBI and working to reestablish functionality for its technology systems. They are rebuilding the port’s digital files from offline backups, and working to restore the port’s email server—which is currently offline.
The Port of Kennewick said its systems are well maintained and they run regular scans and updates to ensure security. As an added layer of protection, the port also contracts with a separate, independent consultant to oversee its technology and IT systems.
Cyber attacks constitute a main area of concern for shipping. Following the NotPetya virus that resulted in a US$300 million loss for Maersk in 2017 and the cyber attacks in Barcelona and San Diego ports, as well as the attack against Australian shipbuilder Austal in 2018, this year, a US-based gas pipeline operator, as well as shipping giants MSC and CMA CGM have been hit by malware.
In the meantime, industry professionals reveal a 300% increase in cyber attacks since the beginning of the Covid-19 pandemic, while Naval Dome recently said cyber-attacks on the maritime industry’s OT systems have increased by 900% over the last three years.
