X

Ransomware attack hits Port of San Diego

There's no safe harbor here.

Alfred Ng Senior Reporter / CNET News
Alfred Ng was a senior reporter for CNET News. He was raised in Brooklyn and previously worked on the New York Daily News's social media and breaking news teams.
See full bio
Alfred Ng
2 min read
USA - Swine Flu - Cruise Ships Headed to Mexico Dock in San Diego

A cruise ship docked at the Port of San Diego. 

 Photo by Sandy Huffaker/Corbis via Getty Images

The Port of San Diego is facing the storm surge of a cyberattack against its computer systems. 

On Wednesday, the Port of San Diego's CEO, Randa Coniglio, said in a statement that it suffered a "serious cybersecurity incident," which it first learned about on Tuesday. A spokesperson for the port told sister site ZDNet that the attack was a ransomware infection, but didn't provide further details. 

The attackers demanded for payment in bitcoins, though the Port of San Diego didn't disclose what amount.

Ransomware attacks are particularly disruptive because they encrypt computers and hold them hostage until victims pay the hackers. Often city officials don't have the resources to make those payments, or are following protocol from the US government against paying

While in that deadlock, people who rely on these services are out of luck to one degree or another. 

In this case, the Port of San Diego said its employees are still able to work, but they have limited access to their computers, causing a public inconvenience for people looking for park permits, business services and public records.

Watch this: Cryptojacking: The hot new hacker trick for easy money

The cyberattack on San Diego is the latest in a long list of incidents affecting public infrastructure, coming on the heels of a similar hack on Sept. 20 against the Port of Barcelona in Spain. It's unclear if the two port hacks are related. 

Attacks on city infrastructure often have widespread collateral damage as they can freeze public services used by millions of people. In March, the Department of Homeland Security and the FBI warned that Russian hackers were targeting critical infrastructure like energy, water, nuclear and manufacturing companies.  

When Russian hackers hit global shipping giant Maersk with the NotPetya attack, it was considered the "most destructive and costly cyberattack in history," adding up to $300 million in lost revenue.

After the government in Atlanta suffered a ransomware attack in March, many basic services for the city's residents weren't working, like paying for water services and accessing police records. City officials requested an additional $9.5 million just to recover from the attack. 

A Port of San Diego spokeswoman said they're working with the FBI and the Department of Homeland Security on investigating the attack.

"We have been in contact with the Port of San Diego and have offered our technical support and assistance, as we do whenever we become aware of a potential cyber incident affecting a critical infrastructure partner," Scott McConnell, a DHS spokesman, said in an email.

Originally published at 8:19 a.m. PT.
Updated at 10:35 a.m. PT: To include responses from the Port of San Diego and the Department of Homeland Security.

Aiding and abetting: New ransomware can turn your computer into a hacker's tool.

Peace of mind: Google doesn't want you to have to think about cybersecurity.