The Port of Houston was the target of a cyberattack in August 2021 (reported in late September). While the attack was thwarted, it raises issues relating to cybersecurity within companies as well as the continuing rise in different forms of attacks.
According to the authorities: “Port Houston followed its Facilities Security Plan in doing so, as guided under the Maritime Transportation Security Act (MTSA), and no operational data or systems were impacted as a result.”
The attack began after hackers exploited a flaw to place webshells, which enable the adversary to conduct post-exploitation activities, such as compromising administrator credentials, conducting lateral movement, and exfiltrating registry hives and Active Directory files.
A major cyberattack on a port like this (which is the largest port in the U.S.) could have the ability to upend multiple supply chains.
Looking at the incident for Digital Journal is Paul Martini, the CEO of cloud cybersecurity company iboss. Martini says the time has come for organizations to get smarter and to develop systems that shut the virtual doors, so that hackers cannot exploit the easy way in used for these types of attacks.
Martini, who is from the U.S., explains the threat: “We’ve learned of attacks aimed at organizations critical to our nation’s food supply as well as to one of the country’s busiest ports.”
In terms of who is behind such attacks, including the one on the Port of Houston, Martini pinpoints nation-state actors.
Rogue actors have had an easier time due to the pandemic as many workplaces have been distracted with other demands. Martini notes: “The global supply chain teeters dangerously close to breaking down due to COVID-19 and if a cyberattack like the one aimed at the Port of Houston succeeds, catastrophic results including shortages of food, consumer goods and critical materials could follow.” In terms of formulating a response, Martini recommends: “Private organizations and the government need to get a hold of this problem by starting to improve defenses that can shut the doors bad actors use to access networks, this starts with securing the Internet connections used by remote workers that hackers often try to exploit.”