The Port of Seattle recently fell victim to a ransomware attack carried out by the Rhysida group, which demanded a payment of 100 bitcoin, equivalent to around $6 million. The decision to pay a ransom is a highly debated topic, with some arguing that it can help regain access to data and resume business operations, while others believe it funds criminal activities and sets a dangerous precedent. The FBI, which is leading the investigation into the cyberattack, does not support paying a ransom in response to a ransomware attack.
The Port of Seattle refused to pay the ransom demanded by Rhysida, citing that it goes against their values and is not the best use of public funds. Not paying a ransom can have consequences, as seen with MGM Resorts, which incurred over $100 million in lost revenue after refusing to pay a ransom following a ransomware attack. Caesars, on the other hand, reportedly paid a $15 million ransom after a similar attack. Seattle Public Library also did not pay a ransom after a cyberattack earlier this year. It is still unclear how the Port of Seattle was hacked and what other data may have been compromised.
The cyberattack on the Port of Seattle resulted in an outage that shut down WiFi at Sea-Tac airport, caused delays to baggage services, and disrupted flight information screens inside the terminal. Sen. Maria Cantwell, who chairs the Senate committee, highlighted the increase in cyberattacks on the aviation industry and emphasized the need for stronger cybersecurity measures. The airport and Port’s websites are still down, and some services are still inaccessible, despite the travel experience at Sea-Tac returning to normal.
Lance Lyttle, managing director of aviation for Sea-Tac Airport, provided testimony at a Senate Commerce committee hearing on aviation cybersecurity threats, stating that the Port is reviewing the files posted by Rhysida and will notify individuals whose information is compromised. The investigation into the cyberattack is ongoing, with Rhysida previously targeting other institutions such as the British Library and the City of Columbus, Ohio. The Port of Seattle is working to strengthen its cybersecurity defenses and enhance monitoring to prevent future attacks.
The decision to pay a ransom following a ransomware attack can have ethical and legal implications, with experts emphasizing the importance of having robust security infrastructure and backup systems in place. It is important to consider the potential consequences of paying a ransom, such as funding criminal activities and encouraging future attacks. Despite the challenges posed by cyberattacks on critical infrastructure, Cantwell stressed the need for a proactive approach to cybersecurity to protect against evolving threats in the aviation industry.
