The Port of Houston was the target last month of a nation-state's cyberattack. Photo courtesy of Port of Houston Authority
Sept. 23 (UPI) -- The Port of Houston, one of the largest in the United States, announced Thursday that it was the target of a cyberattack last month.
"The Port of Houston Authority successfully defended itself against a cybersecurity attack in August," the port said in a brief statement. "Port Houston followed its Facilities Security Plan in doing so, as guided under the Maritime Transportation Security Act, and no operational data or systems were impacted as a result."
The port did not reveal more about the attack but it follows the Cybersecurity and Infrastructure Security Agency and the U.S. Coast Guard Cyber Command last week warning of actors attempting to exploit a newly discovered vulnerability in ManageEngine ADSelfService Plus, a password management service.
U.S. Cybersecurity and Infrastructure Security Agency Director Jen Easterly confirmed to lawmakers during a Senate Homeland Security and Governmental Affairs Committee on Thursday that the Houston Port was targeted through this vulnerability.
She did not reveal who was responsible but said, "I do think it is a nation-state actor."
Federal cybersecurity experts discovered the vulnerability in this attack and have notified critical infrastructure partners to see if others had been affected, she said.
"To this point in time we see that the campaign thus far is limited but we're continuing to work through it," she said, adding, "We are working very closely with our interagency partners and the intelligence community to better understand this threat actor so that we can ensure that we are not only able to protect systems but ultimately to be able to hold these actors accountable.'
The attack is the latest in a slew that have targeted the United States in the past half-year.
Following November's presidential election, it was revealed that several federal agencies, including that which oversees the nation's nuclear weapons, were the victims of state-sponsored actors who attacked them through a vulnerability in software by SolarWinds.
There have also been several high-profile ransomware attacks where hackers infiltrate a system with malware to encrypt files and disable the system. The actors then asked for money in exchange for the decryption, according to CISA's website.
Following several such attacks, President Joe Biden in May issued an executive order to beef up the nation's cybersecurity, which he followed up with a national security memo in late July.
In June, he also warned Russian President Vladimir Putin that there would be consequences if hackers linked to Russia attacked specific infrastructure sites after several attacks were connected to the nation.