In a report issued Thursday, Port Houston disclosed that “The Port of Houston Authority (Port Houston) successfully defended itself against a cybersecurity attack in August. Port Houston followed its Facilities Security Plan in doing so, as guided under the Maritime Transportation Security Act (MTSA), and no operational data or systems were impacted as a result.”
The report follows on a joint release (AA21-259A) last week by the Cybersecurity and Infrastructure Security Agency, FBI, U.S. Coast Guard Cyber Command and CISA warning of a newly identified vulnerability (CVE-2021-40539) in ManageEngine ADSelfService Plus.
U.S. Cybersecurity and Infrastructure Security Agency Director Jen Easterly disclosed Thursday, during a Senate Homeland Security and Governmental Affairs Committee, that the Houston Port was targeted through this vulnerability. Experts with Shared Assessments, Security Gate, Hay Stack Solutions and Gurucul offer thoughts.