Recently, the United States Coast Guard (USCG) issued a maritime security alert confirming a Ryuk ransomware attack that has brought down the entire IT network of a facility. Although the incident is still under investigation, the Coast Guard revealed that the entrance to the phishing emails is likely to be inside the Maritime Transportation Security Act (MTSA) facility network.
The Coast Guard noted that once employees click on a malicious link in an email, an attacker could access and encrypt important corporate information technology network files, preventing the facility from accessing critical files. This is not the first time the Coast Guard has encountered a cyber attack. In February this year, a deep-water ship of the Coast Guard experienced a cyber incident that affected the entire network of the ship. The US Coast Guard released another security alert in July and provides cybersecurity guidance.
Similar to the July security incident response, UCSC again reminds maritime stakeholders to double-check the validity of the email sender before replying or opening an unsolicited email.