The Port of Seattle, a U.S. government agency that oversees the Seattle Seaport and Seattle-Tacoma International Airport, among others, was the victim of a cyberattack over the weekend that paralyzed its operations and brought parts of its infrastructure offline.
Security operations do not appear to be compromised, but since the incident shows signs of a ransomware attack, confidential data could be at risk.
Early Saturday morning, the Port of Seattle X-Account announced that it had experienced an internet and web systems outage “affecting some systems at the airport.” The company urged air travelers to check with their airline for the latest information on their flights.
Ongoing outage
“This morning, the Port of Seattle experienced certain system outages indicating a possible cyberattack,” the company said in the thread. “The port has isolated critical systems and is currently working to restore full operations. However, there is no estimated time for recovery yet.”
A day later, the company said the system outage was ongoing while cybersecurity teams “continued to make progress” in restoring systems to normal operation. No timeline was given.
The fact that the attack is taking several days to resolve and that the organization was forced to shut down parts of its infrastructure suggests that this is a ransomware attack, although this has not yet been confirmed. However, ransomware attacks also involve hackers stealing sensitive data from affected systems, which could be quite disruptive given the nature of what is happening at the Port of Seattle.
So far, neighboring organizations have not been affected by the attack. Alaska Airlines reported Geekwire The airport was able to maintain its full flight schedule over the weekend and the Transportation Security Administration (TSA) found no disruption to security procedures.
“There is no impact to TSA operations at the security checkpoint, and TSA continues to screen passengers according to its rigorous procedures,” the publication said.
At press time, no ransomware operator (or any other group) had claimed responsibility for the attack or shared information.
Over TechCrunch