Ransomware Cripples IT Systems of Inland Port in Washington State

port suffers crippling cyber-attack ransomware
The Port of Kennewick, Washington located more than 180 miles southeast of Seattle

Published Nov 19, 2020 4:52 PM by The Maritime Executive

The Port of Kennewick, Washington reports that it is the latest target to suffer a crippling cyber-attack. The small port region far up the Columbia River and more than 180 miles southeast of the Port of Seattle demonstrates the indiscriminate nature of cybercrime and the danger to ports of all sizes.

Globally the cost of cybercrime is on the rise with some estimates putting the figure at over $2 trillion in 2019. According to industry professionals, there has been a 300 percent increase in cyber-attacks since the beginning of the Covid-19 pandemic and the shipping industry has not been spared. In 2011, the port of Antwerp experienced an intruder into its systems while many of the largest shipping companies also experienced cyber-attacks. Recently, CMA CGM Group experienced a crippling attack that took over a week to recover from while the International Maritime Organization was also taken offline by an attack.

While the Port of Kennewick may not be as visible, the attack has been just as devastating on the municipal corporation serving communities, including Kennewick, Richland, West Richland, into Benton County, along the Columbia River. On November 17, port officials discovered that its systems had been victimized by a digital ransom-ware attack. 

The cyber-criminals placed an encryption lock on the port’s server and demanded $200,000 in ransom to restore access to the port’s servers and files. While the source of the attack is unknown, they suspect it may have come from a fraudulent email sent to an employee of the port.

The attack was reported to the Federal Bureau of Investigation, which is working along with the port and its technology contractors. They report that their no known decoder for the ransomware placed on the server. The port’s technology contractor reported that they are confident no individual data has been compromised as the virus focused on locking the servers instead of accessing data or information located within those servers.

The port, following the direction of the FBI and its technology professionals, has determined not to pay a ransom. “It would be using public funds and there is no guarantee an encryption key would be received after payment,” the port said in its statement. 

The port’s technology team is working to reestablish functionality for the Port of Kennewick’s technology systems. They are rebuilding the port’s digital files from offline backups and working to restore the port’s email server, which is currently offline.

Port officials cautioned that they had run regular upgrades and scans as part of their maintenance and had deployed added layers of protection. They are now working to resolve, restore, and reestablish port functions as quickly as possible, but noted it is a significant process and it will take time to restore the port’s data.