Port of Seattle Website Finally Back Online Following Major Cyber Attack

Image: Port of Seattle.

The Port of Seattle’s website is back in service three months after a ransomware-related cyberattack, the port announced Nov. 22.

The port said it first encountered unauthorized activity on its systems on Aug. 24, when the port and Seattle-Tacoma International Airport began experiencing internet and web systems outages, affecting port services such as baggage, check-in kiosks, ticketing, Wi-Fi, passenger display boards, the Port of Seattle website, the airport’s mobile app and reserved parking.

“Our investigation has determined that the unauthorized actor was able to gain access to certain parts of our computer systems and was able to encrypt access to some data,” the port said.

The port found that the ransomware attack came from a hacker group known as Rhysida.

The port said it moved to isolate systems and teamed with third-party and federal entities to safely test and restore them. The port said it was able to return most of these systems within days of the cyberattack.

“From day one, the port prioritized safe, secure and efficient operations at our facilities,” Port Executive Director Steve Metruck said in a Sept. 13 update.

He added that the port “has no intent of paying the perpetrators behind the cyberattack on our network.”

“Paying the criminal organization would not reflect port values or our pledge to be a good steward of taxpayer dollars,” he said.

By Karen Robes Meeks