The US Coast Guard has issued a security warning following a ransomware attack on a federally regulated maritime facility. The intrusion at the unnamed facility caused a 30+ hour shutdown of primary operations while a response was conducted.

Coast Guard Caught Phishing
The Ryuk ransomware is believed to have gained access to the facility’s IT network when an employee opened a malicious link in a phishing email. It encrypted a significant number of critical files, disrupted camera and physical-access control systems, and caused the loss of critical process control monitoring systems.
The alert recommends that other facilities enhance network monitoring tools, use up-to-date antivirus software, and make regular backups. It also suggests segmenting networks to prevent IT systems from accessing the operational technology (OT) environment.
As the incident is still under investigation, there has been no confirmation of when the event occurred, or whether a bitcoin ransom was demanded or has been paid.
However, during a similar incident at…
