Hackers have targeted Seattle-Tacoma International Airport with a ransomware attack, demanding 100 bitcoins to buy the data back.
Although the airport managed to fend off most of the damage, the attackers encrypted some data and posted stolen files on the dark web. Now, the Federal Bureau of Investigation (FBI) is involved, and the airport refuses to pay the ransom.
Hackers have demanded over $6 million in bitcoin from the operator of Seattle-Tacoma International Airport after a cyberattack last month, an airport official said Wednesday.
The attackers posted stolen documents on the dark web this week. The Port of Seattle, which owns the airport, has opted not to pay the ransom, and the Federal Bureau of Investigation (FBI) is now investigating. The airport has linked the cyberattack to a ransomware group called Rhysida, according to Lance Lyttle, managing director of aviation for the Port. Lyttle detailed:
On Monday, they posted on their dark website a copy of eight files stolen from Port systems and are seeking 100 bitcoin to buy the data.
Lyttle informed a U.S. Senate committee that the airport managed to stop the attack, although hackers encrypted some data.
While he did not specify the content of the stolen documents, Lyttle assured that individuals affected by the breach would be contacted. Airport officials believe paying the ransom would misuse taxpayer money.
The cyberattack, which began Aug. 24, occurred just before the busy Labor Day weekend. Although flights continued, the incident disrupted operations, affecting ticketing, check-in kiosks, and baggage handling. Smaller airlines had to issue paper boarding passes during the attack. Meanwhile, Rhysida is also suspected of a data breach involving the city of Columbus, Ohio, though no ransom demand was made in that case.