Port of San Diego recovering from ransomware attack

The Port of San Diego reported Thursday that it is recovering from a ransomware attack that has affected its internal computer systems and some public-facing functions.

Officials are not disclosing the variety of ransomware responsible for the attack or the amount requested by the hackers responsible. Tanya Castaneda, a port spokeswoman, has confirmed that the ransom demand was denominated in bitcoin and that the port is working with the FBI, Department of Homeland Security and the U.S. Coast Guard — along with local and state law enforcement — to investigate the attack.

The ransomware has not affected the port’s shipping functions or other maritime services, Castaneda said, though some public services have been knocked offline. Currently, the port authority cannot process public-records requests or applications for permits to use the 22 parks it operates throughout San Diego County. Some other business services are offline as well.

“The Port remains open, public safety operations are ongoing, and ships and boats continue to access the Bay without impacts from the cybersecurity incident,” Randa Coniglio, the port’s chief executive, said in a press release. “While some of the Port’s information technology systems were compromised by the attack, Port staff also proactively shut down other systems out of an abundance of caution.”

The Port of San Diego is one of the top 30 water shipping facilities in the country, according to the U.S. Transportation Department. It handled about 2.8 million metric tons of cargo and more than 90 cruise ships in 2017, and is one of the main ports of entry for foreign motor vehicles entering the United States, processing nearly 10 percent of all foreign cars.

It’s also the second major port in the last two weeks to suffer a ransomware attack. The Port of Barcelona, Spain, reported Sept. 20 that it, too, had some of its computer systems locked down by ransomware.