The Port of Seattle is currently recovering from a suspected cyberattack that impacted various operations, with unauthorized activity being detected on the network nearly three weeks ago. The travel experience at Seattle-Tacoma International Airport is back to normal, with flight and baggage information now showing up on digital screens. However, the airport and Port’s websites are still down, and services such as the lost and found and visitor pass program remain inaccessible. Some maritime operations managed by the Port of Seattle are also still in recovery mode, but flights and security checkpoints at Sea-Tac Airport were not impacted, and cruise travel was not disrupted.
Airport workers had to resort to manual methods such as writing flight numbers and carousel locations on large sheets of paper and issuing handwritten boarding passes and bag tags. Port of Seattle Executive Director Steve Metruck stated that the investigation into the cyber incident is still ongoing, with critical systems isolated after detecting the unauthorized activity and no new intrusions since then. Metruck also mentioned that the crisis has accelerated the implementation of technical changes that were already planned or on the wish list, and more information and lessons learned will be shared once the investigation is complete.
Metruck highlighted the commonality of cyber incidents and mentioned the recent cyberattack on Highline Public Schools, advising businesses and government organizations to invest in cybersecurity and be prepared should a cyberattack occur. He emphasized the importance of having plans for workarounds for key IT-based processes in case access to key systems is lost, to ensure the continuity of operations and payments to businesses and individuals. The Port of Seattle is providing updates about the outage on their webpage, and more information will be shared as the investigation progresses.
While the travel experience at Seattle-Tacoma International Airport has returned to normal, the websites of both the airport and Port of Seattle remain offline, along with services such as the lost and found and visitor pass program. Some maritime operations managed by the Port of Seattle are still in recovery mode from the suspected cyberattack that occurred nearly three weeks ago. Despite the impact on various operations, flights and security checkpoints at Sea-Tac Airport were not affected, and cruise travel continued without disruption.
At a Port of Seattle Commission meeting, Executive Director Steve Metruck shared that the investigation into the cyber incident is ongoing, with critical systems isolated and no new intrusions since the unauthorized activity was detected. Metruck noted that the crisis has accelerated the implementation of technical changes, and more information and lessons learned will be shared once the investigation is complete. He highlighted the importance of investing in cybersecurity and having plans for maintaining operations if a cyberattack occurs, to ensure the continued functionality of key systems and payments to businesses and individuals.
The Port of Seattle continues to provide updates about the outage on their webpage, offering information on the recovery process and any new developments. Metruck emphasized the importance of being prepared for cyber incidents and having plans in place to mitigate disruptions to operations and payments. As the investigation progresses, more information will be shared with the public, and lessons learned from the cyber incident will be communicated to help prevent similar incidents in the future. Despite the challenges faced in the aftermath of the cyberattack, the Port of Seattle is working diligently to recover and strengthen its cybersecurity measures to prevent future incidents.
