A ransomware attack on a major maritime corporation could have affected its vessels in the Mid-Atlantic region, causing a U.S. Coast Guard officer to take extra precautions, according to Rear Adm. Michael Ryan, USCG, former commander, Coast Guard Cyber Command.
Adm. Ryan left his position at Coast Guard Cyber Command last week and is now the deputy for operational policy and capabilities at Coast Guard Headquarters.
He related the story while serving on a panel at the AFCEA Cyber Education, Research and Training Symposium (CERTS) May 9, in Augusta, Georgia. He used the story to illustrate the Coast Guard’s massive responsibility in protecting 361 ports across the nation’s maritime transportation system, which carries more than 90 percent of commodities being delivered to the American public, as well as goods being exported to other countries.
The company, which Adm. Ryan did not name, alerted the government that a ransomware attack had affected its email system, crippling its ability to communicate across the corporation to include its maritime vessels.
“In this case, a number of those vessels are transiting in close proximity to the Chesapeake Bay Bridge-Tunnel, which in the Mid-Atlantic region is a major thoroughfare for economic activity and waterway conveyance,” the admiral noted. “What that translated to us in the maritime was operational risk. As that company’s vessels were transiting some of our most hazardous waterways, it becomes a security issue.”
He recalled that the Coast Guard leadership was concerned that the company didn’t seem to intimately understand its cyber terrain, so even though the company officials described it as a minor event, Coast Guard officials did not take chances. They considered the possibility the attack could have affected systems on the vessels’ bridges, or their propulsion or other critical systems.
“So, our Coast Guard captain of the port, in his regulatory capacity, imposed some additional operational controls,” requiring the company’s vessels to “to bring some tugs in there as some external measures of security to reduce that risk profile,” he reported. “If that vessel had gone aground, that vessel had hit one of those major arteries and disrupted not only the maritime streams but some significant thoroughfares for our fleet of trucks that move around this nation, well, all of that would have really been catastrophic in that particular region.”
The Coast Guard officials also called in a cyber protection team for “additional perspective or guidance,” Adm. Ryan added.