U.S. Coast Guard Attacked by New Crypto-Locking Ransomware
The US Coast Guard has issued a security warning following a ransomware attack on a federally regulated maritime facility. The intrusion at the unnamed facility caused a 30+ hour shutdown of primary operations while a response was conducted.
Coast Guard Caught Phishing
The Ryuk ransomware is believed to have gained access to the facility’s IT network when an employee opened a malicious link in a phishing email. It encrypted a significant number of critical files and disrupted camera and physical-access control systems, and the facility lost critical process control monitoring systems.
The alert recommends that other facilities enhance network monitoring tools, use up-to-date antivirus software, and make regular backups. It also suggests segmenting networks to prevent IT systems from accessing the operational technology (OT) environment.
As the incident is still under investigation, there has been no confirmation of when the event occurred, or whether a bitcoin ransom was demanded or paid.
However, during a similar incident at the port of San Diego in September 2018, attackers did demand a ransom in bitcoin, although the facility did not provide details of how much or whether it was paid.
Ransomware On The Rise
Over the past year, ransomware has risen in popularity with cybercriminals, overtaking crypto-jacking as their preferred modus operandi. Earlier this month, an attacker targeted the Argentinian government, demanding 50 BTC to withdraw the attack.
With bitcoin being the favoured payment method in the majority of cases, this tends to provide fuel to those who like to decry the top cryptocurrency as being purely the preserve of criminals. However, research suggests that a lot of the tools used by these cybercriminals originally come from government sources.
However, despite getting the blame, it is possible that bitcoin gets the last laugh, as the demand for BTC driven by the increasing prevalence of ransomware attacks could potentially be driving up prices.