The Louisiana state agency overseeing one of America’s largest ports by volume suffered a cyber-attack in last year that cost it more than $420,000, a newly public audit has found.
Auditors for the Port of South Louisiana said the cyber-attack led to the money being misappropriated. Port officials have been able to recoup about $250,000 through insurance and are filing paperwork to seek more reimbursement.
The agency has a budget of about $15 million a year.
A new annual audit, which covered the fiscal year ending on April 30, 2022, disclosed the theft but offered few details about what the hack was, when it happened or if any arrests had been made.
But port officials’ response to the auditors offered some clue.
Officials told auditors that they were training employees to protect against future attacks and have started “a third-party verification process” for vendors seeking payment that includes “verifying information through a phone call with a representative of the requesting vendor.”
Micah Cormier, spokesman for the port, said Wednesday the port would not offer more details “because making that information public will make the port vulnerable to another attack.”
The port hired Evalv IQ, a firm with expertise in cybersecurity. The company has completed “a cyber audit” that did not turn up “an active or live breach within 2022,” Cormier said.
“There were minor network vulnerabilities that have been corrected,” he said.
Separately, in September, port officials also announced they have received a nearly $1 million grant from the Federal Emergency Management Agency to improve the state agency’s cybersecurity and other security measures.
The grant award wasn’t directly related to the cyber-attack, Cormier said, but reflected a broader decision to respond seriously to rising security risks.
“This is becoming a bigger threat across the country and the world. This is just for simply locking down our vulnerabilities and hardening our infrastructure here, so we can make it better and prevent it from happening,” he said.
The FEMA dollars are expected to beef up not only cyber security technologies and monitoring but also geographical software systems.