The Port of Seattle has isolated its critical systems after the port identified system outages consistent with a cyberattack last month.
The port has worked to ensure safe access for partners and travellers, collaborating with forensic specialists and supporting law enforcement’s investigation into a ransomware attack by the Rhysida group.
The attack was stopped on 24 August, with no further unauthorised activity since.
The Port of Seattle reported that it remains safe to travel from Seattle-Tacoma International Airport and use the port’s maritime facilities.
The investigation determined that the unauthorised actor was able to gain access to certain parts of its computer systems and was able to encrypt access to some data.
The port took steps to block further activities including disconnecting its systems from the internet, but the encryption and response actions hindered some services including baggage, check-in kiosks, ticketing, Wi-Fi, passenger display boards, the port’s website, the flySEA app, and reserved parking.
As the port refused to pay the ransom, it is feared that the attacker may post allegedly stolen data on the dark web. While the investigation is ongoing, it appears some data was accessed in mid-to-late August.
The port’s investigation of what data the actor took is ongoing, but it does appear that some port data was obtained by the actor in mid-to-late August.
READ: Ports of Tacoma, Seattle ink infrastructure design agreements
“From day one, the port prioritised safe, secure and efficient operations at our facilities,” said Steve Metruck, Executive Director of the Port of Seattle.
“We are continuing to make progress on restoring our systems. The Port of Seattle has no intent of paying the perpetrators behind the cyberattack on our network.
“Following our response efforts, we also commit to using this experience to strengthen our security and operations, as well as sharing information to help protect businesses, critical infrastructure and the public.”
Earlier this year, the Biden Administration announced that it would issue an Executive Order to improve port cybersecurity in the US.
Is safety a priority in your operations?
Join the Maritime Safety Series: Port Edition, a new virtual event from Port Technology International and ICHCA, focused on improving port safety through discussion and innovation.