SeaTac Airport hit by ransomware attack disrupting travel

Last month, SeaTac Airport in Seattle faced a significant ransomware attack attributed to the Reseda Group, leading to widespread disruptions across various computer systems essential for airport operations. The attack forced airport officials to shut down systems responsible for ticketing, display boards, and baggage claims, resulting in confusion for passengers and staff, as well as delays and cancellations of flights. Display boards remained non-operational for an entire week, leaving travelers uncertain about their flight information. Employees resorted to using paper signs to guide passengers to their gates, while check-in kiosks were also affected, causing long lines for paper tickets.

The attack not only disrupted passenger services but also compromised the airport's internal email system and website. The Reseda Group, believed to be a Russian organization, has threatened to release personal data of airport employees unless a ransom of $6 million in Bitcoin is paid. Although most systems have since been restored, the airport's website and some internal human resource functions remain offline three weeks later.

This incident at SeaTac is part of a broader trend of cyber vulnerabilities within the aviation sector. Previous attacks have targeted other airports, including San Francisco International Airport and San Antonio Airport, highlighting the urgent need for enhanced cybersecurity measures. In response, recent legislation, including the FAA reauthorization bill, has mandated the establishment of a process to track and evaluate aviation cyber threats and designated a cybersecurity lead at the FAA.

During a recent government meeting, aviation management director Lance Little discussed the impacts of the SeaTac attack and the lessons learned. Cybersecurity expert Marty Reynolds from Airlines for America also addressed emerging threats and the necessary responses from both the industry and government. The meeting underscored the critical need for investment in cybersecurity to protect against future attacks and ensure the safety and reliability of air travel. Port of Seattle executive director Steve Metrick emphasized the importance of preparedness in the face of potential cybersecurity breaches, calling for both business and government to take proactive measures.