Port of Seattle grappling with 'possible cyberattack'

A possible cyberattack against Washington's Port of Seattle has caused significant service disruptions to airline travel at the Seattle-Tacoma International Airport.

The Port of Seattle, a government agency that oversees properties including the Seattle-Tacoma International Airport, is facing service and internet outages following what it described as a "possible cyberattack."

The agency first announced outages on Aug. 24, saying that the Port "experienced certain system outages indicating a possible cyberattack" that morning. The most visible entity impacted by the outage is the Seattle-Tacoma International Airport, which has seen significant service disruptions since outages began on Saturday.

Disrupted services include airport-based bag checking and check-in systems, and travelers have also reported delays and long lines. On Monday, the airport posted to X, formerly Twitter, "International travelers should give themselves extra time if coming to SEA. Some of our airline partners are currently providing manual bag tags and boarding passes."

The Port's website is also currently down, requiring the agency to post updates to a status page on the broader Washington Ports website.

The Port of Seattle said on the status page that it isolated critical systems and is working to restore service "with the assistance of industry experts." However, the agency warned Monday that "there is currently no estimated time for return." The page includes a list of traveler recommendations, including arriving early for flights, getting mobile boarding passes and bag check tickets before arriving to the airport, and using exclusively carry-on luggage if possible.

"Frontier, Spirit, Sun Country, JetBlue, and International Airlines are specifically affected," the status page read. "Passengers on these carriers should allow extra time."

In a Monday press conference update published to YouTube, Greg Hawko, Transportation Safety Administration federal security director for Washington, stated that "the security of the traveling public was not affected at all" and that security processes remain fully operational.

It's unclear what kind of cyberattack might have taken place, though network service disruptions are often a result of ransomware attacks. Additionally, many ransomware attacks have impacted public sector entities this year, from municipal governments to critical services.

TechTarget Editorial contacted the Port of Seattle for additional comment, but the agency did not respond at press time.

The Port of Seattle IT outage follow widespread disruptions for airlines services last month caused by an errant CrowdStrike channel file update. While no cyberattack occurred, the impacts to flight services were severe enough that Delta Airlines said it would seek damage from the cybersecurity vendor. CrowdStrike disagreed with many of Delta's specific assertions, though the security vendor has apologized for service disruptions caused by the outage.

Alexander Culafi is a senior information security news writer and podcast host for TechTarget Editorial.

Dig Deeper on Security operations and management