Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Port of Houston Target of Suspected Nation-State Hack

A major U.S. port was the target last month of suspected nation-state hackers, according to officials.

The Port of Houston, a critical piece of infrastructure along the Gulf Coast, issued a statement Thursday saying it had successfully defended against an attempted hack in August and “no operational data or systems were impacted.”

A major U.S. port was the target last month of suspected nation-state hackers, according to officials.

The Port of Houston, a critical piece of infrastructure along the Gulf Coast, issued a statement Thursday saying it had successfully defended against an attempted hack in August and “no operational data or systems were impacted.”

Cybersecurity and Infrastructure Security Agency Director Jen Easterly initially disclosed that the port was the target of an attack at a Senate committee hearing Thursday morning. She said she believed a “nation-state actor” was behind the hack, but did not say which one.

“We are working very closely with our interagency partners and the intelligence community to better understand this threat actor so that we can ensure that we are not only able to protect systems, but ultimately to be able to hold these actors accountable,” she said.

Sen. Rob Portman, R-Ohio, said the hack was “concerning” and said the U.S. needed to “push back against these nation-state actors who continue to probe and to commit these crimes against our public and private sector entities.”

The hack involved ManageEngine ADSelfService Plus, a password management program. Easterly’s agency, the FBI and the U.S. Coast Guard issued a joint advisory last week warning that the vulnerability in the software “poses a serious risk” to critical infrastructure companies, defense contractors and others.

Cybersecurity has become a key focus of the Biden administration. A devastating wave of cyberattacks has compromised sensitive government records and at times led to the shutdown of the operations of energy companies, hospitals and schools.

The SolarWinds espionage campaign, which the U.S. government said was conducted by Russian hackers, exposed the emails of 80% of the accounts used by the U.S. attorneys’ offices in New York and affected several other departments. The Associated Press reported in June that suspected Chinese state hackers had recently targeted telecommunications giant Verizon and the country’s largest water agency.

Advertisement. Scroll to continue reading.

Related: Port of San Diego Hit by Ransomware

Related: S.Africa’s Port Terminals Still Disrupted Days After Cyber-Attack

Related: U.S. Coast Guard Issues Cybersecurity Warnings for Commercial Vessels

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cyberwarfare

Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.