KENNEWICK, WA - The Port of Kennewick has learned it was victimized by a digital ransom-ware attack.
Cyber-criminals circumvented our systems, placed an extremely sophisticated encryption lock on the port’s server, and demanded $200,000 in ransom to restore access to the port’s servers and files. This was a differentiated cyber-attack with sophisticated, military-grade encryption focused on locking the port’s servers and holding those servers hostage to leverage a ransom.
The Port’s technology contractor reported that they are confident no individual data has been compromised as the virus focused on locking the port servers instead of accessing data or information located within those servers.
Port of Kennewick staff has reported the ransom threat to the Federal Bureau of Investigation and have been in contact with both their Richland and Seattle offices; and staff reached out to the Washington State Office of Cyber Security as well. According to these agencies, this variant of ransom-ware virus has no known decoder.
The port, following direction from the FBI and our technology professionals, will not pay a ransom as it would be using public funds and there is no guarantee an encryption key would be received after payment.
Instead, the port’s technology team is working with the FBI, following industry protocols, and working to reestablish functionality for the Port of Kennewick’s technology systems. They are rebuilding the port’s digital files from offline backups, and working to restore the port’s email server—which is currently offline.
Bader Inglima stated that the Port of Kennewick has always taken a robust and diligent approach to IT management and securing its data. The Port has had the same professional IT firm on contract for a number of years, during which they have made regular upgrades to the port’s servers, and to our security and anti-virus software. Our systems are well maintained and they run regular scans and updates to ensure appropriate systems are functional, and secure.
As an added layer of protection, the port also contracts with a separate, independent consultant to oversee and advise the port on its technology and IT systems. This person works with, but operates separately from, the port’s IT contractor and answers directly to the port to provide an additional layer of understanding, guidance, and oversight related to port systems and technology.
As indicated above, the port’s technology team is taking actions to resolve, restore and reestablish port functions as quickly as possible. However, this is a significant process and it will take time to restore port data in a manner which ensures additional redundancies, security, and protection.