The U.S. Coast Guard last month issued a safety bulletin following a ransomware attack that impaired both the IT systems and industrial control systems of a facility regulated by the Maritime Transportation Security Act (MTSA), and prompted a 30-hour operational shutdown.
The ransomware program, identified as Ryuk, was delivered via a phishing email containing a malicious link that was clicked by an employee. According to the alert, the ransomware encrypted critical network files, then “further burrowed into the industrial control systems that monitor and control cargo transfer and encrypted files critical to process operations.”
“The impacts to the facility included a disruption of the entire corporate IT network (beyond the footprint of the facility), disruption of camera and physical access control systems, and loss of critical process control monitoring systems,” continued the alert continued, which was issued back on December 16.
The Coast Guard did not name the specific facility that was affected, but did say that damage and delays caused by the attack were likely mitigated by a series of protections including intrusion detection and prevention systems, virus de ..
Support the originator by clicking the read the rest link below.
