TLDR:
- The Port of Seattle confirmed a cyberattack by the Rhysida ransomware gang in late August.
- The attack led to disruptions in airport services and the Port refused to pay the ransom demanded by the attackers.
Port of Seattle Confirms August Cyberattack by Rhysida Ransomware
The Port of Seattle has confirmed that the Rhysida ransomware gang orchestrated the cyberattack that disrupted its systems and operations in late August. The attack forced the Port to isolate critical systems, impacting Seattle-Tacoma International Airport and the Port’s maritime facilities. The attackers gained unauthorized access to certain parts of the computer systems, leading to disruptions in airport services. Despite the severity of the attack, the Port refused to pay the ransom demanded by the attackers, citing its values and commitment to being a good steward of taxpayer dollars. The investigation into the incident is ongoing, with the Port committed to transparency and strengthening its defenses to protect against future attacks.
Enhancing Cybersecurity Measures
Since the attack, the Port has been working to restore affected systems and enhance its cybersecurity measures. Most services were brought back online within a week, but work is still underway to fully restore the Port’s website and internal portals. The Port remains on heightened alert and is continuously monitoring its systems for any further unauthorized activity. Rhysida is a relatively new ransomware operation that has targeted various sectors, including healthcare, government, and now transportation. The gang has been linked to high-profile attacks in recent months, emphasizing the importance of organizations being vigilant and proactive in their cybersecurity efforts.
Final Thoughts
The Port of Seattle’s response to the cyberattack highlights the importance of having robust cybersecurity measures in place to protect against threats. By refusing to pay the ransom and focusing on restoring affected systems and enhancing defenses, the Port is taking proactive steps to mitigate the impact of the attack and prevent similar incidents in the future. As the investigation continues, the Port’s commitment to transparency and information sharing will be crucial in helping other organizations protect themselves from cyber threats.