Cyberattack on Port of Seattle Disrupts Critical Systems, Sparks Ongoing Investigation

48

The Port of Seattle recently faced a cyberattack that led to system outages across its critical infrastructure, consistent with a ransomware assault. The attack, attributed to the Rhysida group, was halted on August 24, with no further unauthorized activity reported since.

In response to the breach, the port took immediate steps to safeguard its operations. Collaborating with forensic experts and law enforcement, officials worked to ensure secure access for both partners and travelers. Despite the disruption, Seattle-Tacoma International Airport and the port’s maritime facilities remain operational and safe for use.

Attack Overview and Response Efforts

Investigations revealed that the hackers managed to infiltrate portions of the port’s computer systems, encrypting access to specific data. To prevent further unauthorized activity, the port disconnected its systems from the internet. However, the response actions caused temporary outages in several services, including baggage handling, check-in kiosks, ticketing, Wi-Fi, passenger display boards, the port’s website, the flySEA app, and reserved parking services.

Despite the disruption, the Port of Seattle made it clear that they had no intention of paying the ransom demanded by the attackers. The port fears that the stolen data may be released on the dark web, though the investigation into the nature and scope of the accessed information is still ongoing. Current findings suggest that some data may have been compromised in mid-to-late August.

Commitment to Security and Future Improvements

Steve Metruck, Executive Director of the Port of Seattle, emphasized that the port has prioritized maintaining safe and secure operations throughout the incident. Efforts are ongoing to restore affected systems, and the port remains committed to strengthening its cybersecurity defenses. In addition, the port intends to share information gained from this attack to help protect other businesses, critical infrastructure, and the public from future threats.

In a broader context, the attack on the Port of Seattle highlights the growing importance of cybersecurity in the maritime industry. Earlier this year, the Biden Administration announced plans to issue an Executive Order aimed at improving cybersecurity standards at US ports, underscoring the critical need for enhanced protection in this sector.

Did you subscribe to our daily Newsletter?

It’s Free Click here to Subscribe!

Source: Port technology