Hackers Demand $6 Million in Bitcoin from Seattle Airport
In a recent cyberattack against Seattle-Tacoma International Airport, hackers have demanded a ransom of $6 million in bitcoin for the stolen files. The breach, now under investigation by the FBI, was linked to a ransomware gang known as Rhysida, according to Lance Lyttle, the managing director of aviation at the Port of Seattle.
Port of Seattle's Stance and Response
Despite the hackers' demands, the Port of Seattle, the operator of the airport, has firmly decided not to pay the ransom. Port officials argue that using taxpayer money to satisfy ransomware demands is not justifiable. Instead, they are focusing on recovery efforts and have made it clear that no payment will be made to the hackers.
Details of the Cyberattack
This cyberattack, which began on August 24, occurred during a peak travel period just before the Labor Day holiday weekend. Even though flights operated without significant disruption, the cyberattack caused considerable issues with ticketing, check-in kiosks, and baggage handling processes. Smaller airlines were particularly affected, forcing passengers to rely on paper boarding passes.
Data Stolen and Posted on Dark Web
The hackers managed to encrypt some data before the airport could stop the attack. On a dark web site, they posted eight files stolen from the airport systems, demanding 100 bitcoin—approximately $6 million—for the data. However, the specific nature of the stolen documents has not been disclosed.
Ongoing Investigation and Impact
The FBI is conducting a criminal investigation into the incident. Meanwhile, the airport is taking steps to contact any individuals whose personal information may have been compromised. Recovery efforts are still ongoing as the airport seeks to resume normal operations.
Previous Incidents Linked to Rhysida
Rhysida, the ransomware group implicated in this attack, has been linked to other incidents, including a data breach in Columbus, Ohio. Although the mayor of Columbus downplayed the importance of the stolen data and did not receive a ransom demand, it underscores Rhysida's ongoing threat.
The Seattle airport cyberattack highlights the rising threat of ransomware in the cryptocurrency markets and underscores the importance of robust cybersecurity measures to protect against such disruptive events.