It's on us. Share your news here.

Seattle-Tacoma Airport Hackers Demand $6 Million In Bitcoin For Stolen Files

Seattle-Tacoma Airport Hackers Demand $6 Million In Bitcoin For Stolen Files

Posted on September 23, 2024

Hackers are demanding approximately $6 million in cryptocurrency for documents stolen from Port of Seattle, the operator of Seattle-Tacoma International Airport (SEA). The ransomware gang behind the attack posted stolen files to the dark web and is seeking 100 Bitcoin as payment to unlock data it encrypted.

Sea-Tac rejects ransomware demands

As reported by AP News, Lance Lyttle, Port of Seattle’s managing director of aviation, confirmed that the Sea-Tac airport operator had received a ransom demand worth over $6.2 million at Bitcoin’s current valuation. Speaking to a US Senate committee, Lyttle said that the hackers were able to encrypt some data before the airport halted their attack. Lyttle said,

“On Monday, they posted on their dark website a copy of eight files stolen from Port systems and are seeking 100 bitcoin to buy the data.”

Port of Seattle has decided not to pay the ransom, with officials stating that paying the ransom would not be a good use of taxpayer dollars. The cyberattack has been linked to a group called Rhysida, which has launched several high-profile ransomware heists in the past, including attacks on the British Library and systems used by the city of Columbus, Ohio. The group posted images of stolen files on Monday and gave Port of Seattle a seven-day deadline before threatening to make the files public.

Rhysida – believed to be Russian in origin – is also said to offer its services and software out to third-party clients in exchange for a share of the profits. In previous cases where victims have not paid the requested ransom, Rhysida has gone through with its threats to publicly release the stolen data, meaning it is likely to do the same with Port of Seattle.

Steve Metruck, the Port’s executive director, previously stated that the operator had no intent on paying the ransom,

“Paying the criminal organization would not reflect Port values or our pledge to be a good steward of taxpayer dollars.”

The airport has not disclosed the nature of the data stolen and may not even know the extent of the breach, but hackers have claimed to stolen over 3TB of data. Lyttle said the airport would contact any individuals who may have had their information stolen – Port of Seattle has also said it will bolster its IT and security systems to prevent such a breach in the future.

Systems still recovering

SEA continues to suffer from the impact of the cyberattack weeks after regaining control of its systems. In the immediate aftermath of the attacks, the airport’s ticketing and baggage systems were severely affected, along with internet, phone and other technology outages.

The airport’s officials were unable to provide a timeline of when full services will be restored.

The attack began on August 24th in the lead-up to the busy Labor Day travel period, also crippling the airport’s official website and app. Even departure screens in terminals were out, leaving passengers struggling to find their gates. Given its heavy reliance on IT systems to operate smoothly, the aviation ecosystem has faced its fair share of ransomware attacks in the past – planemaker Boeing was the victim of a data breach in late 2023, with hackers demanding a whopping $200 million.

Source

It's on us. Share your news here.
Submit Your News Today

Join Our
Newsletter
Click to Subscribe