Ransomware has struck a facility belonging to the U.S. Coast Guard (USCG), affecting industrial control systems, security cameras, and much more, according to the USCG, which didn’t reveal the name or location of the affected base.
The ransomware, identified as “Ryuk,” is believed to have gained a foothold in USCG systems after an employee opened a phishing email and clicked on a link. It infected a number of critical systems, locking out users and cutting off access.
“Once the embedded malicious link in the email was clicked by an employee, the ransomware allowed for a threat actor to access significant enterprise Information Technology (I.T.) network files, and encrypt them, preventing the facility’s access to critical files,” explains the Coast Guard in the security bulletin.