U.S. Coast Guard Issues Warning Over Crypto Ransomware Attack

The US Coast Guard has issued a security alert following a ransomware attack at one of their facilities.
The facility was forced to shut down its IT Network for 30+ hours after being infected with the Ryuk ransomware.


The United States Coast Guard has issued a security warning after discovering a crypto-based ransomware attack at one of their maritime facilities.

According to the official alert, the US Coast Guard experienced a ransomware attack that took down the IT network of a federally regulated maritime facility. While the facility has yet to be named, the incident lasted more than 30 hours and is being attributed to the Ryuk Ransomware strain.

The report claims a worker at the facility received a phishing email containing a malicious link that led to the ransomware infecting the entire network, including controls systems that monitor cargo transfer and are responsible for encrypting files.

The alert reads,

The impacts to the power included an interruption of the whole corporate IT network (beyond the footprint of the facility), disruption of camera and physical access control systems, and loss of critical process control monitoring systems.

The report continues,

These combined effects required the corporate to pack up the first operations of the power for over 30 hours while a cyber-incident response was conducted.

In December, a report by security firm Kaspersky showed that while crypto-mining attacks declined in 2019, ransomware and malware scripts were on the rise.