Home Security US Maritime Facility Suffered Ryuk Ransomware Attack

US Maritime Facility Suffered Ryuk Ransomware Attack

by ethhack

It hasn’t been a while since we heard of the Ryuk ransomware attack at the City of New Orleans. And now, here comes another similar report. Recently, a US Maritime facility also became a victim of the Ryuk ransomware. The incident caused huge disruptions at the facility.

US Maritime Facility Disclosed Ransomware Attack

The US Coast Guard recently disclosed a cyberattack that quickly caught the attention of the maritime sector. Reportedly, a US Maritime facility regulated under the Maritime Transportation Security Act (MTSA) has suffered a ransomware attack.

Elaborating on the incident in a security bulletin, the MTSA facility fell prey to the devastating Ryuk ransomware. The malware gained access to the facility’s IT infrastructure through a phishing attack. Consequently, it distorted the entire data and process operations whilst preventing the facility to access their data.

As stated in the bulletin,

Once the embedded malicious link in the email was clicked by an employee, the ransomware allowed for a threat actor to access significant enterprise Information Technology (IT) network files, and encrypt them, preventing the facility’s access to critical files. The virus further burrowed into the industrial control systems that monitor and control cargo transfer and encrypted files critical to process operations.

As a result, the attack caused a huge disruption at the facility with regards to IT operations and other systems. Eventually, the firm’s primary operations remained halted for about 30 hours.

The impacts to the facility included a disruption of the entire corporate IT network (beyond the footprint of the facility), disruption of camera and physical access control systems, and loss of critical process control monitoring systems.

The Firm Contained The Attack

In brief, they stated that having an up-to-date antivirus, prompt monitoring of real-time network traffic, network segmentation, centralized host and server logging with prompt monitoring, updated IT/OT network diagrams, and consistent backups of all data helped them shorten the recovery period.

Whereas, to prevent future incidents, the Coast Guard urges all maritime stakeholders to stay vigilant while dealing with unsolicited emails. Moreover, they also advise the facility owners and operators to review their cybersecurity defense measures.

The following two tabs change content below.

Avatar
Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]
Avatar

Source link

Related Articles

Leave a Comment