Port of San Diego Hit by Ransomware Attack

[AlphaAtlas]

In a press release, the Port of San Diego said that it was hit by a ransomware attack. Port of San Diego CEO Randa Coniglio said that the incident was first reported on September 25, and that a ransom note was requested in Bitcoin. Authorities claim they contained the attack to a few systems, but "proactively shut down other systems out of an abundance of caution." The Port of Barcelona suffered a similar attack last week, and other reports suggest that ransomware attacks are just going to get more common.

As previously stated, the Port has mobilized a team of industry experts and local, regional, state and federal partners to minimize impacts and restore system functionality. The temporary impacts on service to the public are in the areas of park permits, public records requests, and business services. No further information is available at this time; updates will be provided as information is available," said Port of San Diego CEO Randa Coniglio.

 

[Guarana [BAWLS]]

#HopeTheirBackupsAreGood

 

[cyclone3d]

#HopeTheirBackupsAreGood

#WhatBackups?

 

[katanaD]

its a good thing that spending on security and knowledgeable IT staff are frivolous expenses

 

[thebufenator]

Keep rolling on unpatched Windows.
lol

 

[[21CW]killerofall]

Keep rolling on unpatched Windows.
lol

Unpatched Windows isn't the problem (in most cases). It is normally stupid people clicking on links in emails or attaching usb drives. If you have critical systems that aren't required to be connected to the internet to function, DON'T CONNECT THEM TO THE INTERNET!

 

[Paladin21]

#WhatBackups?

(Scene from a typical company)

Of course we can restore from backup!

....psst, hey Steve, have we ever actually tested that?


I find that when I go consult that even places that have a rational backup policy, which is very much the exception, never test the restoration process. I can't tell you how many times I've seen blank tapes that are the "daily backup", tapes that are incomplete, or tapes that faithfully recorded the wrong stuff. If you don't *test* your backups, you don't *have* backups. Or at least that's how I look at it...

 

[Dead Parrot]

Keep rolling on unpatched Windows.
lol

Even perfectly patched systems get zotted. The whole 0-day thing and all. OS patches are just one level of defense in depth. Proper firewall rules, keeping applications patched, employees following security protocols, etc.

All the bad guys have to do is find one mistake to exploit. Sounds like they found one in Barcelona and are repeating at other ports.

 

[ir0nw0lf]

#ITopeningssoon

 

[Paladin21]

#ITopeningssoon

Yeah, but probably not at the managerial/policy level. They'll put some poor guy's head on a plate for following the directives given, but never mess with the person who issued them. Or at least that's how it works around here...

 

[Guarana [BAWLS]]

Unpatched Windows isn't the problem (in most cases). It is normally stupid people clicking on links in emails or attaching usb drives. If you have critical systems that aren't required to be connected to the internet to function, DON'T CONNECT THEM TO THE INTERNET!

Unfortunately, even if a system is Mission Critical, and does NOT require internet connectivity, it will likely need to be accessed by one or more users remotely, requiring network. (Even if it's local.)

If a Stupid User does the Stupid again, well, that mission critical server is still potentially hosed.

 

[Oldmodder]

I will agree on the stupid user argument.
BUT ! the people that initiate and do this kind of stuff, why not use 50 cents on a bullet for them if you find them, there are plenty of people on earth not least the ones that in behavior resemble parasites.

While i do like to hack and mod ( hardware ) myself, then that kind of people just got to go.

 

[RealBeast]

If they just instituted a policy of taking the user that was stupid enough to click on the bait outside at high noon and placing their head on a pike, which would then stay there until the next replacement user, perhaps users would get smarter.

J/K users will never get smarter, but if you do it long enough you could weed out quite a few of the weaker ones.

 

[viper1152012]

I could understand the system used for scheduling and tracking going down but how did the whole port get shut down.

 

[thebufenator]

Ya'll really believe that the Port is running a fully patched modern operating system?

People don't just build Windows 0-days all the time. Lowest hanging fruit == unpatched systems

 

[Simmonz]

If anything positive can come from attacks like this it exposes those who weren't doing a good job in the first place.