The Port of
San Diego has experienced a serious cyber security incident that has
disrupted the agency’s information technology systems, the port said in a
investigation has so far determined that ransomware was involved in this
attack. The ransom note requested payment in bitcoin, although the amount that
was requested was not disclosed.
port first received reports of the disruption on September 25, 2018, and
mobilized a team of industry experts and local, regional, state and federal
partners to minimize impacts and restore system functionality, with priority
placed on public safety-related systems.
said that the team is currently determining the extent and timing of the
incident and the amount of damage to information technology resources, and
developing a plan for recovery.
“It is important to note that this is mainly an administrative issue
and normal port operations are continuing as usual. The port remains open,
public safety operations are ongoing, and ships and boats continue to access
the bay without impacts from the cybersecurity incident,” said Port of San Diego CEO Randa
“While some of the port’s information technology systems were
compromised by the attack, port staff also proactively shut down other systems
out of an abundance of caution.”
San Diego port
added that it is partnering with the Federal Bureau of Investigation (FBI) and
the Department of Homeland Security (DHS) on the investigation of the incident.