- Hackers have recently demanded over $6 million in bitcoin from the operator of Seattle-Tacoma International Airport (SeaTac) following a cyberattack last month.
- Stolen documents have been posted on the dark web, adding pressure on the airport’s management.
- Lance Lyttle, managing director of aviation for the Port of Seattle, stated that the port will not pay the ransom and the FBI has started an investigation.
The latest cyberattack on SeaTac airport has led to a $6 million bitcoin ransom demand, with the FBI now involved in the investigation.
Cyberattack Targets Seattle-Tacoma International Airport
In a recent announcement, Seattle-Tacoma International Airport officials disclosed that they had been targeted in a cyberattack. The attack, which occurred just before the Labor Day weekend, was conducted by a ransomware group known as Rhysida. The attackers demanded 100 bitcoin, equivalent to over $6 million, to release sensitive data. The stolen documents were posted on the dark web earlier this week.
Details and Impact of the Cyberattack
According to Lance Lyttle, the ransomware group managed to encrypt some data, although the airport officials were able to stop the attack from causing more extensive damage. The incident caused disruptions in various airport operations, including ticketing, check-in kiosks, and baggage handling systems. Smaller airlines at the airport were particularly affected, with some having to revert to issuing paper boarding passes during the attack. While the exact content of the stolen documents was not revealed, Lyttle assured that affected individuals would be notified.
Response and Investigation
The Port of Seattle, which owns the airport, has decided not to pay the ransom, citing the misuse of taxpayer funds as a key reason. The FBI has been called in to investigate the incident. Lance Lyttle informed a U.S. Senate committee about the attack and the ongoing investigation. “On Monday, Rhysida posted a copy of eight files stolen from Port systems on their dark website,” he detailed.
Broader Implications and Security Measures
The cyberattack on Seattle-Tacoma International Airport underscores the growing threat of ransomware attacks on critical infrastructure and public services. This incident follows a similar attack on the city of Columbus, Ohio, also believed to be carried out by the Rhysida group, though no ransom was demanded in that case. As cyber threats continue to evolve, it is crucial for public entities and private companies to strengthen their cybersecurity measures to protect sensitive information and maintain operational integrity.
Conclusion
The cyberattack on Seattle-Tacoma International Airport serves as a stark reminder of the ever-present risk posed by ransomware groups. By refusing to pay the ransom, the Port of Seattle has taken a firm stand against cybercriminals, prioritizing the responsible use of taxpayer money. The ongoing FBI investigation will hopefully bring those responsible to justice and lead to enhanced security measures to prevent future attacks. As cyber threats become increasingly sophisticated, collaboration between government agencies and private organizations is essential in safeguarding against such breaches.