In another sobering reminder of the vulnerability of our critical infrastructure, the Port of Seattle and Seattle-Tacoma International Airport (Sea-Tac) were hit by a cyberattack this weekend, disrupting operations and leaving thousands of travelers in distress. This attack came shortly after a recent CrowdStrike outage that shut down air traffic and was followed shortly thereafter by outages at two Seattle-based tech giants, Amazon and Microsoft. Fortunately, this latest incident did not occur during the upcoming Labor Day holiday weekend, but it serves as a stark warning of the ongoing and escalating threats we face.

Testing the Perimeter: Lessons from History

Cyberattacks on critical infrastructure are not just random acts of malice; they are deliberate tests of our defenses. The outages at the Port of Seattle and Sea-Tac Airport that began Saturday morning have once again highlighted the fragility of our infrastructure’s cyber defenses. The Port’s publicly accessible web infrastructure, including its website, remains largely offline, particularly affecting international travelers as manual data entry during flight check-in has caused significant delays.

A disturbing story of cyberattacks at airports

This is not the first time airports have been targeted by cyberattacks, and it likely won’t be the last. There has been a growing trend of cyberattacks on major U.S. and international airports in recent years. In October 2022, several major U.S. airports, including Los Angeles International Airport (LAX), Chicago O’Hare (ORD), and Atlanta Hartsfield-Jackson International (ATL), experienced temporary outages due to distributed denial-of-service (DDoS) attacks. These incidents were reportedly part of a pro-Russian cyber campaign. Similarly, a 2021 cyberattack on the Colonial Pipeline highlighted how even a small vulnerability can lead to widespread disruption. These attacks often serve as a precursor to larger threats as hackers test the resilience of critical infrastructure. The aviation industry in particular has become a popular target due to the potential for widespread chaos and disruption.

Although the Transportation Security Administration (TSA) has assured that there was no impact to security operations, the disruption to airport operations was significant. The fact that this incident continued for two days with no clear time for resolution is unacceptable. This attack is not an isolated incident; it is part of a broader trend that requires immediate and decisive action.

Lack of preparation and foresight

The big question is: When will we learn from this? How many more attacks like this must occur before we hold executives and boards accountable for lax security and emergency preparedness? The recent wave of cyberattacks on Seattle’s infrastructure and tech giants is not just a series of unfortunate events; it is a systemic failure that reflects a lack of preparation and foresight.

Having a hacker penetrate our systems is bad enough, but the inability to recover quickly only exacerbates the problem. The delays in restoring full operations at Sea-Tac Airport are a testament to the inadequacy of not only current cybersecurity practices, but also disaster recovery plans. This is not just a technical problem; it is a leadership failure. Executives and boards of directors must be held accountable for the safety of their organizations and, in turn, for the safety and well-being of the public.

The growing threat to critical infrastructure

This attack on Sea-Tac Airport is part of a broader pattern of increasing cyber threats to critical infrastructure. Last year, the Biden administration issued an executive order to improve cybersecurity at ports, acknowledging the growing danger. But these measures alone are not enough. The recent cyberattacks in Seattle are a stark reminder that we must do more to protect our infrastructure from those seeking to exploit its vulnerabilities.

Following these incidents, it is clear that the transportation and critical infrastructure sectors must prioritize cybersecurity as a core element of their business operations. The time for reactive measures is over; we must take a proactive approach that anticipates and mitigates potential threats before they can cause widespread disruption.

The urgency of action

The cyberattack on Seattle-Tacoma International Airport is a wake-up call for all of us. The last time airports were attacked was three. Will another airport be targeted just before a holiday weekend? This incident is a stark reminder that our critical infrastructure is under constant threat and that we must act immediately and decisively to protect it. The time for complacency is over. We must hold those responsible and politicians accountable – especially during this election season – and demand that they make the security of our infrastructure a top priority. Let us not forget that candidate Hillary Clinton may have lost the 2016 election due to a hacked server and lax security.

Going forward, it’s important that we learn from these incidents and take the necessary steps to prevent future attacks. This includes not only investing in advanced cybersecurity technologies, but also fostering a culture of security awareness at all levels of an organization. Only by taking these steps can we hope to protect our infrastructure and ensure it remains resilient in the face of evolving threats. The events in Seattle are a stark reminder that the security of our infrastructure is not just a technical issue; it’s a matter of national importance. It’s time we took it seriously.