Demand for Bitcoin included in Port of San Diego cyberattack ransom note

Posted at 2:25 PM, Sep 27, 2018
and last updated 2018-09-27 20:37:32-04

SAN DIEGO (KGTV) — The cybersecurity attack targeting the Port of San Diego included ransomware and demand for Bitcoin, port officials said in a statement Friday.

Port CEO Randa Coniglio said some of the port’s information technology systems were compromised before staff members shut down other systems in an abundance of caution.

The ransom note requested payment in the online currency Bitcoin, although the amount is not being disclosed by port officials.

Investigators have not announced who is behind the attack.

"What we've seen in the last 12 months is more of this targeted attack on organizations," said Stephen Cobb, senior security researcher at San Diego Cyber security Firm ESET. "It is difficult for government organizations to necessarily get the budget as quickly as they need to put defenses in place, but on the other side, they have essential services."

FBI and Department of Homeland Security officials joined the Port of San Diego’s investigation into the attack, which was first reported Tuesday. Local, state and federal partners were brought in to restore compromised systems, including the U.S. Coast Guard.

“The temporary impacts on service to the public are in the areas of park permits, public records requests, and business services,” said Coniglio.

Public safety operations are ongoing, and ships and boats are not impacted by the incident, port officials said.

The Port of San Diego supports operations of cargo and cruise terminals, hotels, restaurants, marinas, museums, and 22 public parks along 34 miles of San Diego Bay.