Powered by MOMENTUM MEDIA

Breaking news and updates daily. Subscribe to our Newsletter!

Breaking news and updates daily. Subscribe to our newsletter

Hackers breach one of the US’ largest ports

By Reporter
24 September 2021 | 1 minute read

Hackers have breached one of the United States’ largest ports by exploiting a password management tool, with early detection stopping them short of interrupting shipping operations.

The Port of Houston, one of the United States’ largest ports, was targeted last month in a breach suspected to have been conducted by state-sponsored hacking groups.

Media outlets reported that early detection of the cyber operation ensured that the breach was not able to interrupt the Port of Houston’s shipping operations.

Advertisement
Advertisement

According to a press release from Port Houston, the Port followed its Maritime Transportation Security Act guided security policy.

“The Port of Houston Authority (Port Houston) successfully defended itself against a cybersecurity attack in August,” a release from the Port read.

“Port Houston followed its Facilities Security Plan in doing so, as guided under the Maritime Transportation Security Act (MTSA), and no operational data or systems were impacted as a result.”

PROMOTED CONTENT

It has yet to be determine what group was behind the attack.

Several media outlets have reported that the cyber criminals attempted the hack by leveraging the ManageEngine ADSelfService Plus program, which manages passwords. The hack came amid scrutiny over the use of password management tools.

In mid-September, the US Cybersecurity & Infrastructure Security Agency released an alert for the ManageEngine ADSelfService Plus program.

“The exploitation of ManageEngine ADSelfService Plus poses a serious risk to critical infrastructure companies, US-cleared defense contractors, academic institutions, and other entities that use the software,” the alert read.

“Successful exploitation of the vulnerability allows an attacker to place webshells, which enable the adversary to conduct post-exploitation activities, such as compromising administrator credentials, conducting lateral movement, and exfiltrating registry hives and Active Directory files.

“Confirming a successful compromise of ManageEngine ADSelfService Plus may be difficult — the attackers run clean-up scripts designed to remove traces of the initial point of compromise and hide any relationship between exploitation of the vulnerability and the webshell.”

 [Related: Microsoft continues push for passwordless future]

Hackers breach one of the US’ largest ports
cyber-security-connect-csc.jpg
lawyersweekly logo
newsletter
cyber security subscribe
Be the first to hear the latest developments in the cyber security industry.
Regular Podcast Updates