Cybercriminals Target Major Airport in Hefty $6 Million Hostage Situation

Hand typing on laptop with code on screen.

Rhysida ransomware group launched a $6 million cyberattack on Sea-Tac Airport, disrupting crucial systems.

At a Glance

  • Hackers demand $6 million in Bitcoin from Seattle-Tacoma International Airport for stolen documents.
  • The Port of Seattle, which operates the airport, has decided not to pay the ransom.
  • Most systems are back online, but the airport’s website and some internal functions remain compromised.
  • The FBI is conducting a criminal investigation.
  • Hackers posted eight stolen files on the dark web and are seeking 100 Bitcoin.

Cyberattack Cripples Sea-Tac Operations

On August 24, Seattle-Tacoma International Airport (Sea-Tac) faced a severe ransomware attack orchestrated by the Rhysida group. The attackers demanded 100 bitcoins, or approximately $6 million, for the return of stolen data. This attack led to massive disruptions, including website outages, email communication failures, and issues with phone services. Port of Seattle officials have refused to pay the ransom, opting instead to focus on system recovery and reviewing the compromised data. They are also working with federal agencies to enhance cybersecurity measures.

The investigation has identified Rhysida as the group responsible for the attack, which began just a week before the Labor Day holiday weekend. According to Lance Lyttle, the aviation managing director of Sea-Tac, the attackers posted eight files on a darknet site. Lyttle, confirming the severity of the situation, mentioned the significance of focusing on operational recovery rather than paying the ransom.

Ransom Demands and Data Leaks

The attackers leaked portions of the stolen data on the dark web, claiming to have over 3 terabytes of sensitive information. They threatened to release the personal information of airport employees unless the ransom was paid. Despite these threats, the Port of Seattle has chosen to stand firm, focusing on recovery and collaboration with federal agencies including the FBI, which is conducting a criminal investigation into the incident.

The attack led to operational chaos, forcing the airport to revert to manual processes. Ticketing systems, check-in kiosks, and baggage handling were severely affected, though flights continued to operate. Smaller airlines had to issue paper boarding passes. The FBI’s involvement highlights the severity of the security breach and the growing threat to America’s critical infrastructure.

Impact and Future Measures

U.S. Senator Maria Cantwell also emphasized the broader impact of the attack during a Senate Commerce, Science, and Transportation Committee hearing. The senator highlighted the vulnerability of critical infrastructure and advocated for stronger cybersecurity measures in the aviation sector. This includes provisions under the FAA Reauthorization Act of 2024, which mandates the establishment of a comprehensive cybersecurity threat management process.

Senator Cantwell’s remarks point towards a pressing need for Congress and the aviation industry to take immediate action to protect air travel from future disruptions. The Sea-Tac incident exemplifies the growing pattern of cyberattacks on essential services, highlighting the urgency for a nationwide cybersecurity strategy to safeguard the nation’s critical infrastructure.

Sources:

  1. Hackers demand $6 million for files stolen from Seattle airport operator in cyberattack
  2. Hackers demanded $6 million in bitcoin for Sea-Tac Airport cyberattack, officials say
  3. Seattle Airport Hack Update: Hackers Demand $6M in Bitcoin for Stolen Files
  4. Seattle Airport Hit by $6M Bitcoin Ransom Demand After Cyberattack
  5. Sea-Tac Airport refuses to pay 100-bitcoin ransom after August cyberattackUpdated 4 hours ago
  6. Seattle Airport Hack: Hackers Demand $6M Bitcoin Ransom For Stolen Files
  7. Ransomware group that attacked Sea-Tac Airport’s systems demands $6M in bitcoin
  8. A cyberattack impacted operations at the Port of Seattle and Sea-Tac Airport