The Port of Seattle, which oversees the Seattle-Tacoma International Airport (Sea-Tac), has reported a “possible cyberattack” that caused significant disruptions to its internet and web systems.
The incident, which began on the morning of 24 August 2024, led to outages affecting several critical systems at the airport, including websites and phone services.
Initially, the Port of Seattle and Sea-Tac Airport only noted system outages, but by the afternoon, they acknowledged the possibility of a cyberattack. This potential breach has raised concerns about the security of critical infrastructure, particularly as the disruptions have directly impacted airport operations.
Seattle-Tacoma International Airport posted on social media platform X: “The Port of Seattle, including SEA Airport, is experiencing an internet and web systems outage, which is impacting some systems at the airport. Passengers are encouraged to check with their airlines for the latest information for their flights.”
The Transportation Security Administration (TSA) reassured the public that their operations remain unaffected, with security checkpoints continuing to function as usual. However, passengers were advised to stay updated on their flight statuses and allow extra time for airport procedures due to the ongoing situation.
As a precautionary measure, the Port of Seattle has isolated essential systems and is actively working to restore full services. Despite these efforts, there is currently no estimated time for when the systems will be fully operational again, leaving many travellers uncertain.
Oilfield services provider Halliburton also reports cybersecurity breach
In a related development, Halliburton, a major player in the global energy sector, based in the US, experienced a significant cyber breach that impacted its operations at its North Houston campus and disrupted several global connectivity networks.
The oilfield services provider has since taken some of its systems offline as a precautionary measure and is working with law enforcement and external cybersecurity experts to assess the damage and restore affected systems. While the specifics of the attack remain under investigation, it is suspected to have involved ransomware, a type of malware where attackers encrypt data and demand a ransom for its release.
Escalating cyber threats in the year 2024
The ongoing year 2024 has already witnessed several major cyberattacks, underscoring the escalating threats to critical infrastructure and sensitive data. In April, the Hospital Simone Veil in Cannes was hit by a ransomware attack by the LockBit 3.0 group, forcing the hospital to revert to manual operations for weeks.
The healthcare sector saw another significant breach with Cencora, a pharmaceutical services company, where data was exfiltrated, raising concerns about the security of medical information.
In the technology sector, Trello, a project management platform, suffered a data breach in January that exposed 15 million user accounts, highlighting vulnerabilities in public APIs. Additionally, in February, German battery manufacturer VARTA had to halt production across five plants due to a cyberattack that affected its IT systems.
Global systems disrupted due to faulty CrowdStrike update
This year also witnessed one of the most disruptive cyber incidents, marked by a widespread IT outage caused by a faulty update from CrowdStrike, a leading cybersecurity firm.
On 19 July 2024, CrowdStrike released an update to its Falcon sensor software, which inadvertently triggered a global outage, affecting approximately 8.5 million Windows devices. This incident caused significant disruptions across various sectors, including critical services such as airports, banks, and hospitals.