Written for The Realist Juggernaut Staff by The Realist Pix Staff.
The Port of Seattle stood firm in its decision not to pay a ransom demanded by cybercriminals who disrupted operations at the city’s airport and seaport just before the Labor Day holiday. Officials confirmed on Friday that the Rhysida ransomware group, known for targeting high-profile entities such as hospitals and municipal governments, was responsible for the attack.
In their statement, the Port of Seattle acknowledged that the hackers might retaliate by posting stolen data on the dark web. The ransomware group had already made headlines for attacks on the city of Columbus, Ohio, and multiple healthcare facilities across the country.
“Our investigation into what data was taken is ongoing,” the Port stated, adding that it appears some information was obtained in mid-to-late August. While the specifics of the stolen data remain unclear, they pledged to notify affected individuals, including employees and passengers whose personal information may have been compromised.
Steve Metruck, the executive director of the Port of Seattle, emphasized that while progress was being made to restore impacted systems, paying the ransom was never an option. “Paying the criminal organization would not reflect Port values or our responsibility as stewards of taxpayer dollars,” Metruck said.
The ransomware attack, which began on August 24, caused significant disruption. Airport staff were seen resorting to writing flight information on dry-erase boards, and airlines had to manage baggage routing with pen and paper. The Port’s preliminary investigation confirmed that hackers had encrypted several systems and data, which led to the temporary shutdown of vital airport and seaport services.
At the height of the attack, critical systems such as baggage handling, check-in kiosks, ticketing, Wi-Fi, passenger display boards, the Port of Seattle website, the flySEA app, and reserved parking services were all impacted. Despite the widespread disruption, the Port was able to restore most systems within a week, though work continues on some, including the external website and internal portals.
Throughout the incident, officials reassured travelers that it was still safe to fly. The airport managed to maintain operations using traditional methods like pen and paper during the outage. “We made do with what we had,” one official commented, highlighting the adaptability of staff during the crisis.
There has been no new activity from the hackers since the initial attack, but the Port remains on high alert, continuously monitoring its systems. Law enforcement agencies and cybersecurity experts were involved in the recovery process from the start.
Rhysida, the ransomware group behind this attack, continues to be one of the most notorious cybercriminal organizations currently active. The group has been linked to numerous high-profile attacks, including leaving the British Library inoperable for weeks, extorting a children’s hospital in Chicago, and disrupting a global Christian charity during the Christmas season.
The Port of Seattle’s refusal to pay the ransom highlights a growing stance among public institutions to resist cybercriminal demands, despite the damage these attacks cause. Their resilience and determination to prioritize long-term security over short-term fixes serve as a reminder that protecting public infrastructure comes with difficult decisions.
Sponsored • TRJ Ads
Inquiries: contact@therealistjuggernaut.com
