Over the weekend, a cyberattack occurred at the Port of Seattle and Seattle-Tacoma International Airport, highlighting the increasing trend of hackers targeting critical infrastructure. Details about the attack are limited, including whether there was a data breach. While the outage did not impact flights or security checkpoints, it did cause delays to baggage services and affected screens displaying flight information. Both the Port’s Maritime Facilities phone systems and the Port and airport websites were down, along with email and phone services for Port staff.
Michael Morgenstern of DayBlink Consulting noted that threats to ports are growing, citing previous attacks on ports such as DP World in Australia, Maersk in 2017, and The Port of Houston in 2021. He mentioned that criminal enterprises and nation-states are responsible for these attacks. In October 2022, several U.S. airports experienced website outages due to a reported DDoS attack by pro-Russian hackers. Valuable data, such as passenger information and cargo manifests, make ports and airports attractive targets for hackers who can sell the data on the dark web for profit.
Yatharth Gupta of Codified emphasized that hackers target entities like ports and airports for profit, forcing them to pay ransoms in ransomware attacks. Corey Nachreiner of WatchGuard stated that hackers have access to advanced tools, making it relatively easy for them to conduct sophisticated attacks on various businesses. To prevent future attacks, Morgenstern recommended increasing security measures for devices and technology essential to port operations. He suggested implementing insider threat and supply chain security programs, zero trust protocols, and continuous employee training.
David McGuire of SpecterOps advised entities to enhance their vulnerability management programs and practice good cyber hygiene. The recent cyberattack on the Port of Seattle follows previous ransomware attacks on Seattle Public Library, Fred Hutchinson Cancer Center, and oil drilling giant Halliburton. Additionally, a global IT disruption, including at Sea-Tac and other airports, occurred due to a flawed update from cybersecurity software company CrowdStrike. The U.S. Marine Transportation System industry is a massive sector supporting trillions of dollars in economic activity annually.
As hackers continue to target critical infrastructure, it is essential for ports and airports to strengthen their cybersecurity defenses and prioritize proactive security measures. By implementing robust security protocols, conducting regular vulnerability assessments, and training employees to identify and respond to potential threats, organizations can mitigate the risk of cyberattacks. Collaborating with cybersecurity experts and staying informed about emerging threats can also help in safeguarding vital infrastructure and ensuring business continuity in the face of evolving cyber threats.
