U.S. Coast Guard Says Ryuk Ransomware Took Down Maritime Facility


Image: Alex Duffy


The U.S. Coast Guard (USCG) published a marine safety alert about a Ryuk Ransomware attack that took down the entire corporate IT network of a Maritime Transportation Security Act (MTSA) regulated facility.


While the incident is still being investigated, the USCG says that a phishing email was most likely the point of entry into the MTSA facility's network.


"Once the embedded malicious link in the email was clicked by an employee, the ransomware allowed for a threat actor to access significant enterprise Information Technology (IT) network files, and encrypt them, preventing the facility’s access to critical files," says the USCG.


The USCG issued another safety alert in July with cybersecurity guidance after a cyber incident experienced by a deep draft vessel during February affected the ship's entire network.


As in the July alert, the USCG once again reminds maritime stakeholders to closely check the validity of the email sender before replying to or opening unsolicited emails.


Operations shut down for over 30 hours


Even though the Marine Safety Information Bulletin (MSIB) doesn't mention the type of facility or its name, it's safe to assume that it must be a port, seeing that the ransomware managed to infiltrate cargo transfer industrial control systems.


"The virus further burrowed into the industrial control systems that monitor and control cargo transfer and encrypted files critical to process operations," adds the USCG.


The systems encrypted by Ryuk Ransomware directly impacted the facility's "entire corporate IT network (beyond the footprint of ..
