Ransomware, Content

Port of San Diego Ransomware Attack: Bitcoins Demanded


The Port of San Diego said it was hit with a ransomware attack last week that took down the agency’s systems for issuing park permits, requests for public records and general business services.

Port of San Diego CEO Randa Coniglio
Port of San Diego CEO Randa Coniglio

Access to the San Diego Bay by ships and boats has not been compromised, Port officials said. While the agency’s police department was also affected by the hack, for the most part the infection appears confined to the Port’s IT systems. In the incident’s immediate wake, the agency declined to provide additional details, including the amount of Bitcoin ransom the cyber extortionists demanded.

“The Port of San Diego has experienced a serious cybersecurity incident that has disrupted the agency's information technology systems,” Randa Coniglio, the Port's chief executive, said in a statement. “The Port has mobilized a team of industry experts and local, regional, state and federal partners to minimize impacts and restore system functionality, with priority placed on public safety-related systems.”

Coniglio characterized the cyber attack as “mainly an administrative issue” and said that the Port is operating normally and there is no risk to the public. As a precautionary move, the Port shut down other IT systems, officials said.

The incident has been reported to the California Office of Emergency Services and the County of San Diego Office of Emergency Services, Port officials said. The FBI and the U.S. Department of Homeland Security are said to possibly be involved but neither agency has confirmed an investigation has been launched, according to reports.

The city of San Diego is well equipped to deal with cyber attacks and has the necessary technical expertise to handle a ransomware heist, according to the San Diego Union Tribune. The attack on the Port has some aspects in common with an earlier ransomware extortion launched against the city of Atlanta last March. In that instance, hackers were able to shut down many of Atlanta's services, including people’s ability to pay traffic tickets and water bills. The attackers — who also demanded bitcoins as ransom — temporarily knocked out wireless communications at the Atlanta airport.

More recently, in July, the China Ocean Shipping terminal in nearby Long Beach, CA was hit with a ransomware attack that briefly shut down operations. And, in a high profile case last year, Danish shipping giant Maersk was hit hard by the NotPetya ransomware with material losses in the hundreds of millions.

The U.S. Bureau of Transportation Statistics has ranked the Port of San Diego, which opened 56 years ago, as one of America's top 30 U.S. container ship ports.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.