Comment: Ransomware Attack Takes US Maritime Base Offline
2020-01-03

A computer virus forced a US maritime base offline for more than 30 hours, the country’s coast guard has revealed. Ransomware interrupted cameras, door-access control systems and critical monitoring systems at the site. The agency did not reveal the name or the location of the facility targeted by the attack. 

Officials said they believed the ransomware was sent in a malicious email link, clicked by an employee, the BBC reported yesterday. 

 

Stuart Reed, VP, Nominet
January 03, 2020
Ransomware was one of the most disruptive forms of cyber attack in 2019 and it seems that this will continue to be the case in 2020. With countless emails and links being sent across the network, it is no small task to mitigate the risk of employees falling victim to an attack, and it reminds us of the importance of a layered approach to security. While access control should limit the path of an attacker and robust backups can restore systems as soon as possible, it is also important to have broad visibility of the network to identify and eliminate an attack quickly. Technical protection and defence must dovetail with business processes, ensuring employees are educated to become a strong line of defence, while a rock-solid incident response plan can deliver a swift recovery. Critical services and infrastructure will continue to be targeted by cyber criminals and it’s only with partnerships between security experts, risk specialists and those responsible for the build and protection of these highly important assets that we will be able to improve our overall security posture against attackers.
Nigel Stanley, CTO, TUV Rheinland
January 03, 2020
Yet again we appear to be seeing a facility disrupted by malware introduced via email. My bigger concern is that the malware was apparently able to penetrate operational technology systems used to control cargo transfer. This demonstrates the need for decent network segmentation, firewalling and backups that can be restored following such an incident.

