Port Houston targeted by suspected nation-state actor in cyber-attack

Abstract tech background made of printed circuit board. Depth of field effect and bokeh.

The Port of Houston Authority was targeted in a cybersecurity attack in August, believed to have originated from a nation-state actor.

According to a US Coast Guard report, unidentified hackers accessed a web server on Port Houston premises on 19 August.

“Port Houston followed its Facilities Security Plan in doing so, as guided under the Maritime Transportation Security Act (MTSA), and no operational data or systems were impacted as a result,” the port wrote in a statement.

The breach at Houston highlighted a vulnerability of software platform ManageEngine – which is used for password management and single sign-on – to the Cybersecurity and Infrastructure Security Agency (CISA) at the US Department of Homeland Security.

During a Senate Homeland Security and Governmental Affairs Committee meeting, Director Jen Easterly, said that CISA worked with the US Coast Guard on the ManageEngine vulnerability at the Port of Houston, believing the attack was the work of a nation-state actor.

READ: (£) Evolving cybersecurity in ports

Easterly said, “We worked with the US Coast Guard on a vulnerability at the Port of Houston and found out about this.

“We work with our FBI partners and our Coast Guard partners to better understand that vulnerability and then to be able to get that information out to see whether, in fact, we saw the same vulnerability across the federal cyber ecosystem and in our critical infrastructure partners.”

In 2020, security firm Naval Dome said that reported cyber-attacks had risen by a staggering 900% since 2017.

In 2021, online systems continue to be rocked by cyber-attacks. Ports and shipping stakeholders ranging from liner HMM to South African port infrastructure owner Transnet have been impacted by IT disruptions, stalling operations and risking financial and data loss.

Daily Email Newsletter

Sign up to our daily email newsletter to receive the latest news from Port Technology International.

Supplier Directory

Find out how to get listed

Webinar Series

Find out how to attend

Latest Stories

Cookie Policy. This website uses cookies to ensure you get the best experience on our website.