A major U.S. port was targeted in an attempted cyberattack last month, the Port said in a statement on Sept. 23.
The Port of Houston, which is the nation’s largest port for waterborne tonnage and a critical economic engine for the Houston region, the state of Texas, and the nation, was able to successfully defend itself against the attack and no operational data or systems were impacted.
“The Port of Houston Authority (Port Houston) successfully defended itself against a cybersecurity attack in August,” the statement reads. “Port Houston followed its Facilities Security Plan in doing so, as guided under the Maritime Transportation Security Act (MTSA), and no operational data or systems were impacted as a result.”
Easterly said she believes that a “nation-state actor” was behind the attack.
“We are working very closely with our interagency partners and the intelligence community to better understand this threat actor so that we can ensure that we are not only able to protect systems, but ultimately to be able to hold these actors accountable,” Easterly said.
“The exploitation of ManageEngine ADSelfService Plus poses a serious risk to critical infrastructure companies, U.S.-cleared defense contractors, academic institutions, and other entities that use the software,” the joint advisory warned.
“Successful exploitation of the vulnerability allows an attacker to place webshells, which enable the adversary to conduct post-exploitation activities, such as compromising administrator credentials, conducting lateral movement, and exfiltrating registry hives and Active Directory files.”