Ransomware attack hits Port of San Diego

Ransomware is not going anywhere. As if we needed a reminder.

The Port of San Diego confirmed today in a press release that it was the victim of a cyberattack that affected several important computer systems and left port officials struggling to maintain some daily operations. It's not good, and, as of the time of this writing, remains unresolved.

The port, established in 1962, is the fourth largest in California and entrusted with not only supervising shipping coming and going, but also 34 miles of waterfront. In short, this is not the organization you want ground to a halt as a result of a ransomware-fueled cyberattack.

According to a statement from Port of San Diego CEO Randa Coniglio, however, that's more or less what's happened.

"The Port of San Diego continues to investigate a serious cybersecurity incident that has disrupted the agency's information technology systems, and the Port's investigation so far has determined that ransomware was involved in this attack," read the statement. "Port employees continue to have limited functionality which may have temporary impacts on service to the public, especially in the areas of park permits, public records requests, and business services."

So what exactly went down? We reached out to port officials in an attempt to determine what type of ransomware infected their systems — was it similar in nature to the cyberattack that hit the Port of Barcelona earlier this month, for example — in addition to what, if anything, the hackers who infected the port's systems were demanding. Perhaps a bitcoin ransom?

The port information officer, Tanya Castaneda, responded to our questions by letting us know that this is all still very much being investigated.

"Because of the ongoing investigation we have to be very careful about what we release and so our statement is all that we can provide at this time," Castaneda wrote over email.

It's possible, of course, that the infection was purely incidental and that the attackers were just casting a wide net for potential victims. But we don't know.

There's actually a lot we don't know at the moment, unfortunately. And we're not the only ones with unanswered questions. Even the port is still trying to figure out just exactly how screwed it is.

"The team is currently determining the extent and timing of the incident and the amount of damage to information technology resources, and developing a plan for recovery," continued Coniglio's statement.

We will hopefully have more details soon — Castaneda wrote that an update should be coming later today — but in the meantime we can all rest easy knowing that at least one of our nation's ports is vulnerable to ransomware just like your old Windows computer you stubbornly refuse to update.