Officials at the Port of Seattle disclosed that the Rhysida ransomware gang was behind the intrusion that caused outages at the port and the Seattle-Tacoma International Airport on Labor Day weekend while emphasizing that they rejected paying the demanded ransom, according to The Record, a news site by cybersecurity firm Recorded Future.
Attackers may have obtained certain Port data in mid-to-late August before proceeding with encrypting such information, resulting in the outages of its baggage, ticketing, Wi-Fi, and reserved parking services, as well as check-in kiosks, passenger display boards, the flySEA app, and the Port of Seattle website, said officials. "Our team was able to bring the majority of these systems back online within the week, though work to restore some systems like our external website and internal portals is ongoing," officials added. Such a development comes after RansomHub compromised the City of Columbus in Ohio and the British Library, the UK's national library.