You are viewing a single comment's thread from:

RE: LeoThread 2024-09-15 01:40

in LeoFinance2 months ago

Port of Seattle reveals details of ransomware attack, says it refused to pay criminal organization

The Port of Seattle said some of its data may be at risk of being posted online after it refused to pay a ransom demanded by a criminal organization responsible for a cyberattack that took place nearly three weeks ago.

The Port revealed new details on Friday about the Aug. 24 cyberattack that impacted various operations, including at Seattle-Tacoma International Airport.

#newsonleo #technology #ransomware #attack

Sort:  

“Our investigation has determined that the unauthorized actor was able to gain access to certain parts of our computer systems and was able to encrypt access to some data,” the Port said.

According to the Port, the ransomware attack was carried out by Rhysida, which claimed responsibility for cyberattacks on the British Library last year and the City of Columbus, Ohio this summer. It also targets hospitals and other government institutions.

The Port said that Rhysida claims to have stolen data and may post it “on their darkweb site” as a result of the refusal to pay the ransom.

More from the Port:

“Our investigation of what data the actor took is ongoing, but it does appear that some Port data was obtained by the actor in mid-to-late August. Assessment of the data taken is complex and takes time, but we are committed to these efforts and notifying potentially impacted stakeholders as appropriate. In particular, if we identify that the actor obtained employee or passenger personal information, we will carry out our responsibilities to inform them.”

The attack and the Port’s response to isolate critical systems resulted in an outage that shut down WiFi at the airport, caused delays to baggage services, and disrupted many screens inside the terminal showing flight information.

Airport workers had to resort to manual methods, such as writing flight numbers and carousel locations on large sheets of paper and issuing handwritten boarding passes and bag tags.

The outage did not impact flights or security checkpoints at Sea-Tac Airport, or cruise travel.

The travel experience at Sea-Tac is now “normal,” the airport announced Wednesday.

However, the airport and Port’s websites are still down. Other services such as the airport’s lost and found and visitor pass program are still not accessible.

Some maritime operations managed by the Port of Seattle are also still in recovery mode.

“Enterprise applications essential to business functions, such as accounts payable services, contract management, phone service, and the public website were affected in the attack,” the Port said. “Many of these services have been restored with temporary or workaround solutions, although some key systems remain offline.”