The Port of Seattle, which operates Seattle-Tacoma International Airport, is investigating a “possible cyberattack” after computer outages caused disruptions to airport operations and flight delays.
The outage of the internal internet and web systems occurred early Saturday morning, according to a Xeet from the official account of the airport, which serves as a transportation hub for Alaska Airlines and Delta Air Lines.
In a subsequent Xeet, the Port of Seattle confirmed that it had “isolated critical systems and was in the process of restoring full operations. An estimated time for restoration is not yet known.”
The disruptions continued into Sunday. The airport asked travelers to check in before arriving at Sea-Tac and to allow extra time to get to the gates. We were told there were also technical issues with the terminal screens, which added to the disruptions.
Airport visitors reported long queues as several airlines issued tickets in person, and local media reported that “thousands” of travelers were affected.
The port’s website has been offline since Monday. The airport and port authorities did not immediately respond to The RegisterAfter consulting with ABC about the cyberattack, including the question of whether it was a ransomware infection, the transport authorities informed the broadcaster that the federal government was also involved in the investigation.
“We are conducting a thorough investigation with the assistance of outside experts,” Lance Lyttle, aviation executive director at Seattle-Tacoma International Airport, said in a statement.
“We have reached out to and are working closely with federal partners, including TSA and Customs and Border Protection,” Lyttle added.
The likely cyberattack comes at a time when ransomware gangs are attacking critical infrastructure, including transportation companies.
Of the 395 ransomware attacks criminals claimed responsibility for in July, more than a third (125 or 34 percent) targeted these critical industries, according to NCC Group.
The researchers noted that these essential services and facilities made them “high-value targets” for financially motivated criminals, saying that “ransomware actors pressure these victims to pay, taking advantage of their need to remain operational.”
And making matters worse for weary travelers, this weekend’s cyberattack came a month after a faulty CrowdStrike update caused a global outage that also brought air traffic to a halt at airports around the world. ®
