$6M Ransom Demanded: Rhysida Gang’s Attack on Seattle’s Critical Infrastructure

$6M Ransom Demanded: Rhysida Gang’s Attack on Seattle’s Critical Infrastructure

The Port of Seattle, which operates the Seattle-Tacoma International Airport (Sea-Tac), recently became the target of a major ransomware attack carried out by the Rhysida gang, a notorious cybercriminal group. On August 24, 2024, the hackers infiltrated the port’s systems, stealing around 3 terabytes of sensitive data. This attack led to significant operational disruptions, including outages affecting Sea-Tac’s ticketing systems, Wi-Fi, baggage handling, and flight check-ins. Digital screens in the airport went dark, leaving passengers confused and scrambling to find the correct gates​.

Rhysida demanded a ransom of 100 Bitcoin (around $6 million) to halt the release of the stolen data and provide a decryption key to restore access. However, the Port of Seattle chose not to comply with the demand, adhering to its stance of not using public funds for ransom payments. In retaliation, the cybercriminals posted a portion of the stolen data on the dark web, with threats to release more if their demands were not met​.

Port officials, along with federal authorities, worked tirelessly to restore systems and limit the damage. Although some operations resumed after a week, there are still lingering effects, and the investigation is ongoing. The FBI is now involved in tracking the attackers, and efforts are being made to bolster the port’s cybersecurity to prevent future incidents​.

If your business is concerned about the risks of ransomware or other cybersecurity threats, FATAL offers robust solutions designed to protect critical infrastructure. You can learn more or Get Started Today!

 Sources: ​MyNorthwest.com | KIRO 7 News Seattle