The Port of Seattle has identified the hacker group Rhysida as the orchestrators of the August cyberattack that disrupted maritime operations and caused significant flight delays at the Seattle-Tacoma International Airport.
Rhysida’s Ransomware Attack
The Port of Seattle confirmed that the system outages experienced in August were the result of a ransomware cyberattack by the hacker group Rhysida. The attack, which occurred on August 24, crippled the port’s systems for its maritime operations and the Seattle-Tacoma International Airport. This led to delayed flight check-ins at the airport and resulted in numerous travelers missing their flights.
Port’s Response and Rhysida’s History
In a September 13 update, the Port of Seattle, which operates the airport, revealed that it had refused to meet the ransom demand set by the group. Rhysida is suspected to have orchestrated similar cyberattacks against the British Library and Insomniac Games. Steve Metruck, the Port of Seattle’s executive director, stated that paying the ransom would not align with the port’s values or its commitment to responsibly manage taxpayer dollars.
Data Breach and Restoration Efforts
The port believes that its data was accessed by the hacker group sometime in mid-to-late August. However, it remains uncertain whether Rhysida obtained any personal information of employees or travelers. The port is currently working on fully restoring all of its systems, but it has not provided a timeline for when this process will be completed.
The port’s focus remains on enhancing cybersecurity measures to prevent future cyberattacks and ensuring the safety and security of its operations.
