Cyberattack on Seattle-Tacoma Airport

17 September 2024 2 minutes Author: Newsman

Rhysida is demanding a ransom of 100 bitcoins (about $5.82 million) to unlock the encrypted files of the Seattle-Tacoma Airport, which was hit by a cyber attack.

Seattle-Tacoma Airport was attacked by the Rhysida group on August 24, 2024. Three weeks after the attack, the hackers issued a ransom demand of 100 bitcoins (about $5.82 million). They threatened to release the stolen data if the ransom was not paid within seven days. The attack affected several airport services, including baggage check-in systems, passenger information boards, check-in kiosks and Wi-Fi.

The airport has partially reopened, but is still trying to fully restore internal systems. Airport officials said they would not pay the ransom, and that a cybersecurity team is working with the FBI and the Department of Homeland Security to investigate the incident. The Rhysida group is known for its attacks on various sectors, including education, healthcare and government institutions.

The Rhysida group appeared in May 2023 and uses phishing attacks and penetration testing tools to carry out its attacks. It operates on a ransomware-as-a-service (RaaS) scheme, selling its tools to other criminals in exchange for a share of the profits. Their methods include double extortion, where even after paying the ransom, the hackers threaten to release the stolen data.

The refusal to pay the ransom shows the airport’s determination to fight cyberattacks, but the incident demonstrates the need to strengthen cyber defenses.

Other related articles
Found an error?
If you find an error, take a screenshot and send it to the bot.