The Port of Seattle, which manages Seattle-Tacoma International Airport (Sea-Tac), has reported a “possible cyberattack” that has caused significant disruption to its internet and web systems.
The incident, which began on the morning of August 24, 2024, resulted in outages of several critical airport systems, including websites and telephone services.
Initially, the Port of Seattle and Sea-Tac Airport had only identified system outages, but by the afternoon they recognized the possibility of a cyberattack. This potential breach has raised concerns about the security of critical infrastructure, especially because the disruptions directly impacted airport operations.
Seattle-Tacoma International Airport posted on social media platform X: “The Port of Seattle, including SEA Airport, is experiencing an internet and web system outage that is impacting some systems at the airport. Passengers are asked to check with their airline for the latest information regarding their flights.”
The Transportation Security Administration (TSA) assured the public that its operations were not impacted and security checkpoints continued to function as usual. However, passengers were asked to stay updated on the status of their flight and to allow additional time for airport procedures due to the current situation.
As a precautionary measure, the Port of Seattle has isolated critical systems and is actively working to restore full operations. Despite these efforts, there is currently no estimate as to when systems will be fully operational again, causing uncertainty for many travelers.
Oilfield services provider Halliburton also reports a cybersecurity breach
In a related development, Halliburton, a major player in the global energy sector based in the US, was the victim of a major cyberattack that impacted operations at its North Houston campus and disrupted several global connectivity networks.
The oilfield services provider has since taken some of its systems offline as a precautionary measure and is working with law enforcement and third-party cybersecurity experts to assess the damage and restore the affected systems. While the details of the attack are still being investigated, it is suspected to be ransomware, a type of malware in which attackers encrypt data and demand a ransom for its release.
Escalating cyber threats in 2024
Several major cyberattacks have already occurred in 2024, underscoring the growing threat to critical infrastructure and sensitive data. In April, the Simone Veil Hospital in Cannes was hit by a ransomware attack by the LockBit 3.0 group, forcing the hospital to return to manual operations for weeks.
In the healthcare sector, another serious data theft occurred at the pharmaceutical company Cencora, where data was exfiltrated, raising doubts about the security of medical information.
In the technology sector, a data breach at project management platform Trello occurred in January, exposing 15 million user accounts and exposing vulnerabilities in public APIs. In addition, German battery manufacturer VARTA had to halt production at five plants in February due to a cyberattack that affected its IT systems.
Global systems disrupted due to faulty CrowdStrike update
This year also saw one of the most devastating cyber incidents: a large-scale IT outage caused by a faulty update from CrowdStrike, a leading cybersecurity company.
On July 19, 2024, CrowdStrike released an update to its Falcon sensor software that inadvertently triggered a global outage affecting approximately 8.5 million Windows devices. This incident caused significant disruption across various sectors, including critical services such as airports, banks, and hospitals.
