The Port of Seattle, a U.S. government agency that oversees Seattle’s seaport as well as Seattle-Tacoma International Airport (among others), suffered a cyberattack over the weekend that crippled its operations and took parts of its infrastructure offline.
Security operations do not appear to be affected, however, given that the incident has characteristics of a ransomware attack, sensitive data could be at risk.
Early Saturday morning, Port of Seattle’s X account announced it had experienced an outage in internet and web systems, “which is impacting some airport systems.” The company told passengers to check with their airlines for the latest information about their flights.
Continuous interruption
“Early this morning, the Port of Seattle experienced some system outages indicating a possible cyber attack,” the company said in the thread. “The Port has isolated critical systems and is working to restore full service and does not have an estimated time for return.”
A day later, the company said the system outage was continuing as cybersecurity teams “continue to make progress” to get systems back up and running. No timeline was given.
The fact that the attack took days to resolve and the fact that the organization was forced to shut down parts of its infrastructure point to this being a ransomware attack. However, there is no confirmation yet. Still, in ransomware attacks, hackers also steal sensitive data from the affected systems, which, given the nature of operations at the Port of Seattle, could be quite damaging.
So far, adjacent organizations have not suffered any disruption as a result of the attack, Alaska Airlines said. Geekwire It was able to fly its full schedule over the weekend, while the Transportation Security Administration (TSA) saw no impact on security operations.
“There is no impact to TSA operations at the security checkpoint and TSA continues to screen passengers using its robust procedures,” he told the publication.
At the time of writing, no ransomware operator (or any other group) has claimed responsibility for the attack or leaked any information.
Through TechnologyCrunch