The Port of Seattle, a US government agency that oversees the Seattle seaport, as well as the Seattle-Tacoma International Airport (among others), suffered a cyberattack over the weekend which crippled its operations and brought parts of its infrastructure offline.
Security operations don’t seem to be impacted, however since the incident has the markings of a ransomware attack, sensitive data might be at risk.
On early Saturday morning, the Port of Seattle X account announced it had experienced an internet and web systems outage, “which is impacting some systems at the airport.” The company told air travelers to check with their airlines for the latest information for their flights.
Ongoing outage
“Earlier this morning the Port of Seattle experienced certain system outages indicating a possible cyberattack,” the company said in the thread. “The Port isolated critical systems and is in the process of working to restore full service and do not have an estimated time for return.”
A day later, the company said that system outage continued, as cybersecurity teams “continue to make progress” on returning systems to normal operations. There was no deadline given.
The fact that the attack takes days to remedy, and the fact that the organization was forced to shut down parts of its infrastructure, all point to this being a ransomware attack. There was no confirmation yet, though. Still, in ransomware attacks, hackers also steal sensitive data from affected systems which, given the nature of operations at the Port of Seattle, could be quite disruptive.
So far, adjacent organizations did not see any disruption as a result of the attack. Alaska Airlines told Geekwire it was able to fly its full schedule over the weekend, while the Transportation Security Administration (TSA) saw no impact on security operations.
“There is no impact to TSA’s operations at the security checkpoint and TSA continues to screen passengers using its robust procedures,” it told the publication.
At press time, no ransomware operators (or any other group, for that matter) assumed responsibility for the attack, or leaked any information.
Via TechCrunch