The Port of Seattle and Seattle-Tacoma International Airport have corroborated that the major system outages which took place late August were caused by a ransomware attack. On August 24, a cyberattack partially disrupted the critical operations at the airport with websites, emails, and phone services down and even affected some services at the airport. The attack was immediately detected and in response, the IT team decided to shut the entire system in order to prevent further damage.
Ransomware attack, by the criminal group, Rhysida, into the computer systems at the airport accessed unauthorised and encrypted some parts of their data. The spokesperson to the airport, Perry Cooper said that IT noticed some malicious activities in the system on the day of the attack and took immediate actions to stop the spread of malware. The Port of Seattle said the measures by its staff, including forensic experts and law enforcement, were effective in thwarting the attack since no further unauthorised activity was detected following the breach.
Operational Disruptions
Even with these measures being put into place, the attack had a great impact on the day-to-day running of Sea-Tac Airport. Passengers were denied the luxury of getting information on arrival and departure flight schedules from the reader boards for the past several days. The airlines at the airport could not use the digital systems and had to revert back to the old method of pen and paper for marking baggage. In addition to the others, critical services such as check-in kiosks,
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.