LA Port Terminal Still Shut Down Following Cyber-Attack

SAN PEDRO (CBSLA.com) – The largest terminal in the Port of Los Angeles remained closed Wednesday following a cyber-attack that hit computers at various companies in Europe and around the globe.

Operations were halted at the normally bustling APM Terminal, owned by Danish shipping company A.P. Moller-Maersk, beginning at about 6 a.m. Tuesday, and remained shut down Wednesday. There was no word on when it might reopen.

Maersk issued a statement confirming that it was "hit as part of a global cyber-attack named Petya, affecting multiple sites and select business units. We are responding to the situation to contain and limit the impact and uphold operations."

The ransomware attack hit businesses and government agencies in at least six European countries, including Ukraine, and spread to computers in the United States, India and Australia, according to various overseas media reports, which also indicated the attack had taken out servers at Russia's biggest oil company.

Phillip Sanfield, a spokesman for the Port of Los Angeles, said a ship had left the terminal before 6 a.m. Tuesday and by "happenstance" no other ships were due to dock there Tuesday or Wednesday, but other work had come to a halt as a result of the attack.

"When a terminal doesn't have a ship it still does some landside operations," Sanfield said. "It prepares for the next ship and there's a lot of cargo moving around the docks on the landside, and from what I understand they stopped those operations today due to the issue. They haven't given us any ETA on when they are due back up."

Sanfield also said Maersk told its trucking companies not to come to the terminal. The other terminals at the port were operating normally, he said.

The cyber-attack is reported to be a variant of the Petya ransomware virus that affected computers just over a month ago, though that's not conclusive yet. Windows computers are the ones being affected and the "ransom" for companies to get their data back is set at $300 in Bitcoin currency. Once paid, a key is entered and the computer's file are allegedly decrypted.

"They haven't found a kill switch to this one yet, and this is more, once this is out in your system, it sort of propagates itself, without direct commands from the hackers," said Fran Townsend, senior national security analyst for CBS News.

Dave Kennedy, founder of TrustedSec, tweeted that 5,000 computers were infected within a ten minute period.

On Wednesday, FedEx announced that its subsidiary, TNT Express, had fell victim to the cyber-attack. TNT Express' operations and communication systems were affected, which could cause service delays. No other FedEx subsidiaries were hit. The American pharmaceutical company Merck was also hit by the attacks, along with food brands Nabisco and Oreo. Ukraine was the first to report these attacks, where the power grid and Chernobyl nuclear power plant were affected. Banks, airports, hospitals and grocery stores across Europe were hit.

The U.S. Department of Homeland Security is investigating the cyber-attack.

Meanwhile, the Los Angeles County Board of Supervisors website was also hacked Tuesday by a pro-Islamic State group. The hacker substituted a pro-ISIS message for links to county information.

The site at www.bos.lacounty.gov was restored Tuesday night.

"No breach of data occurred and no personal information was compromised," a county spokesman said.

(©2017 CBS Local Media, a division of CBS Radio Inc. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed. Wire services contributed to this report.)