(KENNEWICK, Wash.) — According to industry professionals, there has been a 300 percent increase in cyberattacks since the beginning of the COVID-19 pandemic. And unfortunately, hackers and cyberthieves are tenacious and pernicious, and constantly evolving new methods of criminal activity.
The Port of Kennewick has learned it was victimized by a digital ransomware attack, whereby cybercriminals circumvented its systems, placed a sophisticated encryption lock on the port’s servers, and demanded $200,000 in ransom to restore access to the port’s servers and files. This was a differentiated cyberattack with sophisticated, military-grade encryption focused on locking the port’s servers and holding those servers hostage to leverage a ransom.
The port’s technology contractor reported that it is confident no individual data has been compromised as the virus focused on locking the port servers instead of accessing data or information located within those servers.
Port of Kennewick staff has reported the ransom threat to the Federal Bureau of Investigation and have been in contact with both their Richland and Seattle offices, and staff reached out to the Washington State Office of Cyber Security as well. According to these agencies, this variant of ransomware virus has no known decoder.
The port, following direction from the FBI and technology professionals, will not pay a ransom as it would be using public funds and there is no guarantee an encryption key would be received after payment.
Instead, the port’s technology team is working with the FBI, following industry protocols, and working to re-establish functionality for the Port of Kennewick’s technology systems. They are rebuilding the port’s digital files from offline backups, and working to restore the port’s email server — which is currently offline.
Bader Inglima stated that the Port of Kennewick has always taken a robust and diligent approach to IT management and securing its data. The port has had the same professional IT firm on contract for a number of years, during which they have made regular upgrades to the port’s servers, and to its security and anti-virus software.
As an added layer of protection, the port also contracts with a separate, independent consultant to oversee and advise the port on its technology and IT systems. This person works with, but operates separately from, the port’s IT contractor and answers directly to the port to provide an additional layer of understanding, guidance, and oversight related to port systems and technology.
As indicated above, the port’s technology team is taking actions to resolve, restore and re-establish port functions as quickly as possible. However, this is a significant process and it will take time to restore port data in a manner which ensures additional redundancies, security, and protection.
– Port of Kennewick