Port of Seattle confirms the August attack was carried out by the Rhysida ransomware group

0
83
Port of Seattle confirms the August attack was carried out by the Rhysida ransomware group
Port of Seattle confirms the August attack was carried out by the Rhysida ransomware group

The Port of Seattle, which also manages the Seattle-Tacoma International Airport, was the target of a cyberattack in August that affected phone lines and websites.

The websites, email, and phone services of the Port of Seattle, which also runs the Seattle-Tacoma International Airport, were reportedly affected by a cyberattack, according to media reports. The cyberattack caused travel arrangements to be disrupted.

“A spokesperson for Alaska Airlines said staff was manually sorting over 7,000 bags because “a majority” of checked bags missed their flights this weekend.”

“We believe this was a cyberattack,” said Lance Lyttle, managing director of aviation for Sea-Tac Airport, at a news conference Sunday afternoon.”

“We are conducting a thorough investigation with the assistance of outside experts. We have contacted and are working closely with federal partners, including TSA and Customs and Border Protection,” Lyttle added.

The Port of Seattle initially announced that there was a problem with their web systems and internet. A statement on X stated that the issues had an effect on a few airport systems.

It was advised that travelers get the most recent information about their flights by contacting their carriers.

Critical systems were isolated by the port in reaction to the event.

Port of Seattle verified on Friday that the cyberattack was carried out by the Rhysida ransomware organization. Since May 2023, the Rhysida ransomware group has been operational. The ransomware group attacked companies in a variety of sectors, including government, manufacturing, healthcare, education, and information technology. “Targets of opportunity” are the victims of the gang.

“This incident was a “ransomware” attack by the criminal organization known as Rhysida. The efforts our team took to stop the attack on August 24, 2024, appear to have been successful. There has been no new unauthorized activity on Port systems since that day. We remain on heightened alert and are continuously monitoring our systems.” reads the update published by the agency. “It remains safe to travel from Seattle-Tacoma International Airport and use the Port of Seattle’s maritime facilities.”

The Port acknowledged that critical services like baggage handling, check-in kiosks, ticketing, Wi-Fi, and parking were interrupted after an unauthorized actor gained access to and encrypted portions of its computer systems. Additionally, the business claims that because it has declined to pay the ransom, the ransomware gang may release data that has been stolen.

“From day one, the port prioritized safe, secure, and efficient operations at our facilities. We are continuing to make progress on restoring our systems. The Port of Seattle has no intent of paying the perpetrators behind the cyberattack on our network,” said Steve Metruck, Executive Director of the Port of Seattle. “Paying the criminal organization would not reflect Port values or our pledge to be a good steward of taxpayer dollars. We continue working with our partners to not just restore our systems but build a more resilient port for the future. Following our response efforts, we also commit to using this experience to strengthen our security and operations, as well as sharing information to help protect businesses, critical infrastructure, and the public.”

The affected parties will be notified while the inquiry is still continuing.

The port declared that it has been taking further measures to improve its current security measures and fortify the IT infrastructure. The organization is stepping up its monitoring efforts and fortifying its identity management and authentication procedures.

Also readUnveiling the Ethical Imperatives: Navigating the Intersection of AI and Cybersecurity

Do FollowCIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter 

About us:

CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.

CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.