Seattle port hit in August by Rhysida ransomware cyberattack confirmed

September 16, 2024
1 min read

TLDR:

  • The Port of Seattle confirmed a cyberattack by the Rhysida ransomware gang in late August.
  • The attack led to disruptions in airport services and the Port refused to pay the ransom demanded by the attackers.

Port of Seattle Confirms August Cyberattack by Rhysida Ransomware

The Port of Seattle has confirmed that the Rhysida ransomware gang orchestrated the cyberattack that disrupted its systems and operations in late August. The attack forced the Port to isolate critical systems, impacting Seattle-Tacoma International Airport and the Port’s maritime facilities. The attackers gained unauthorized access to certain parts of the computer systems, leading to disruptions in airport services. Despite the severity of the attack, the Port refused to pay the ransom demanded by the attackers, citing its values and commitment to being a good steward of taxpayer dollars. The investigation into the incident is ongoing, with the Port committed to transparency and strengthening its defenses to protect against future attacks.

Enhancing Cybersecurity Measures

Since the attack, the Port has been working to restore affected systems and enhance its cybersecurity measures. Most services were brought back online within a week, but work is still underway to fully restore the Port’s website and internal portals. The Port remains on heightened alert and is continuously monitoring its systems for any further unauthorized activity. Rhysida is a relatively new ransomware operation that has targeted various sectors, including healthcare, government, and now transportation. The gang has been linked to high-profile attacks in recent months, emphasizing the importance of organizations being vigilant and proactive in their cybersecurity efforts.

Final Thoughts

The Port of Seattle’s response to the cyberattack highlights the importance of having robust cybersecurity measures in place to protect against threats. By refusing to pay the ransom and focusing on restoring affected systems and enhancing defenses, the Port is taking proactive steps to mitigate the impact of the attack and prevent similar incidents in the future. As the investigation continues, the Port’s commitment to transparency and information sharing will be crucial in helping other organizations protect themselves from cyber threats.

Latest from Blog

Top 20 Linux Admin Tools for 2024

TLDR: Top Linux Admin Tools in 2024 Key points: Linux admin tools streamline system configurations, performance monitoring, and security management. Popular Linux admin tools include Webmin, Puppet, Zabbix, Nagios, and Ansible. Summary

Bogus job tempts aerospace, energy workers

TLDR: A North Korean cyberespionage group is posing as job recruiters to target employees in aerospace and energy sectors. Mandiant reports that the group uses fake job descriptions stored in malicious archives