After experiencing unauthorized activity on its network, the Port of Seattle continues to recover from a suspected cyberattack that affected various operations, including Seattle-Tacoma International Airport. While the travel experience is now back to normal at the airport, with flights and baggage information displaying correctly, the airport and Port’s websites are still down. Some services such as the airport’s lost and found and visitor pass program remain inaccessible, and maritime operations managed by the Port are still in recovery mode. Port officials have not disclosed details about the nature of the cyberattack, but have assured that flights and security checkpoints at the airport were not affected.
Despite the cyberattack causing inconvenience such as shutting down airport WiFi, delays to baggage services, and non-functioning flight information screens, airport workers managed to find manual solutions to keep operations running smoothly. Port of Seattle Executive Director Steve Metruck mentioned at a recent meeting that the investigation into the cyber incident is ongoing, and that the Port has taken steps to isolate critical systems and prevent any new intrusions. Metruck emphasized that the crisis has accelerated the implementation of technical changes that were already planned, and further details and lessons learned from the incident will be shared once the investigation is complete. He also highlighted the importance of investing in cybersecurity and being prepared for potential cyberattacks.
Recent cyberattacks on critical infrastructure and public entities like schools show a growing trend in such incidents, emphasizing the need for organizations to prioritize cybersecurity measures. Metruck advised businesses and government organizations to have plans in place for maintaining operations in case of a cyberattack gaining access to systems, and to ensure continued functionality in key processes. The Port of Seattle is providing updates about the outage on its website, keeping stakeholders informed about the ongoing recovery process. In the meantime, efforts are being made to restore full functionality to impacted services and operations while implementing enhanced security measures to prevent future cyber incidents.
As the Port of Seattle continues to recover from the cyberattack, the focus remains on restoring services and operations that were impacted, including the airport’s website, lost and found services, and maritime operations. While the airport is back to normal, the long-term implications of the incident are being considered, with plans in place to strengthen cybersecurity measures and be better prepared for potential future cyber incidents. Transparency in communication about the incident and ongoing updates for stakeholders are priorities for the Port as they navigate the aftermath of the cyberattack. Lessons learned from this experience will inform future cybersecurity strategies and ensure the Port is better equipped to handle similar incidents in the future.
