Seattle-Tacoma International Airport in Seattle, Washington, suffered operational disruptions for the third day on Monday, following disruptions caused by a cyberattack since Saturday.

Accordingly The Port of Seattle, which owns and operates the airport, caused “internet web system outages” that affected some of the airport’s systems. A recent update today notes that “system outages continue to occur” and that “we continue to work closely with our partners to restore services.”

At the time of writing this article, the official website of Seattle-Tacoma International Airport is still offline.

According to the Associated Press, the airport is currently investigating the outages, hiring outside experts and working with federal partners such as the Transportation Security Administration and Customs and Border Protection. The same report said that while the airport is trying to minimize delays, travelers should expect longer than usual wait times to go through security, check in and collect their luggage.

There is little reliable information saying exactly what happened, but there is a good chance it is ransomware. Problems lasting three days, systems offline (probably to prevent lateral movement), and outside experts brought in sounds like ransomware.

“There are not enough details of the attack to know what is going on, but most undefined cyberattacks are later declared to be successful ransomware attacks,” Roger Grimes, data-driven defense evangelist at security awareness training company KnowBe4 Inc., told SiliconANGLE via email.

“Almost all organizations, including most airlines and airports, are vulnerable to cyberattacks. Why? One of the main reasons is that 70 to 90 percent of all successful cyberattacks are due to social engineering and phishing,” explains Grimes. “About a third of all successful cyberattacks are due to unpatched software or firmware. These two fundamental causes of hacking account for 90 to 99 percent of the risk in most organizations, including airlines and airports, and have been for as long as computers have existed.”

The attack on Seattle-Tacoma International Airport also raises concerns about the security of transportation links in general. Nick Tausek, senior security architect at security automation company Swimlane Inc., points out that the attack is “a stark reminder of the vulnerabilities of critical infrastructure.”

“Airports that serve as critical hubs in the global transportation network, particularly Sea-Tac as the busiest airport in the Pacific Northwest, are increasingly attractive targets for cybercriminals,” Tausek added. “This incident underscores the need for constant vigilance to protect the operational integrity of these critical services.”

Photo: Corey Seeman/Flickr