After last month’s cyber hack at Seattle-Tacoma International Airport, hackers are demanding a ransom of 100 Bitcoins, the equivalent of about $6 million. Specific details about the data compromised, like the extent of access and what was stolen, have not been fully determined.

The port’s Aviation managing director, Lance Lyttle, testified Wednesday morning during a hearing with the US Senate’s Commerce, Science, and Transportation Committee. Lyttle said an investigation into the cyberattack is ongoing. He said Rhysida was the known ransomware group responsible for the breach.

FBI Investigates Major Cyber Attack on Port Systems

Additionally, they stated that the incident was under criminal investigation led by the FBI. Lyttle took pains to note that, under the circumstances, the security measures at the airport considerably contained the attack. The hackers had managed to encrypt some of the data, which spoke volumes about the extent of the breach.

The August 24 cyber attack on the Port systems has caused significant operational disruption. According to Lance Lyttle, hackers threatened to sell stolen data unless they paid a ransom of 100 Bitcoin. The perpetrators who demanded this massive sum of Bitcoin were not identified and later published compromised files on a dark web site. Lyttle would not describe the nature of the files accessed, but he said the airport would contact anyone whose personal information may have been exposed.

Despite inconveniences stemming from the cyberattack, Port officials have refused to pay the ransom, citing concerns about misusing taxpayer money. The cyberattack largely affected operations on ticketing, check-in kiosks, and baggage handling systems a week before the Labor Day holiday. Travellers with smaller airlines were particularly hit, having to fall back to using paper boarding passes.

In August, the U.S. government reportedly transferred 10,000 Bitcoins valued at about $600 million to Coinbase Prime. Attorney Scott Johnson recently clarified the deal, which was previously speculated to be a deposit.

Airport Cyber Attack Details and Bitcoin Sale Update

According to Jonsson, the transfer was part of the U.S. Marshal Service’s intended sale of Bitcoin, per a pre-existing agreement with the crypto exchange. Despite such massive financial investments and the refusal to accept operations failures at the airport, flight schedules remained mainly on schedule.

The cyberattack on airport systems on Aug. 24 disrupted operations ahead of the busy Labor Day weekend, affecting ticketing, check-in kiosks, and baggage handling.

Lance Lyttle, the senior official in the airport’s management, says that though details of what was stolen remain unknown, those whose data has been compromised will be directly contacted. The airport’s official authorities didn’t pay the ransom because doing so would be a misallocation of taxpayer money.

The state, however, suspects Rhysida of another data breach in Columbus, Ohio, separate from the one targeting the airport. A ransom demand has not been issued regarding the Columbus incident, something which happened in the airport attack.

Conclusion

These are part of a series of disruptions that have taken place at a vital time. Some airlines were left with no choice but to revert to issuing paper boarding passes since their systems had already been compromised.

Flight schedules remained unaffected. While still reeling from the effects of this major cyberattack, the refusal to pay a ransom reflects a much deeper commitment to protecting public resources and hardening cybersecurity. The resiliency of the operational services at this airport amidst such scenarios shows the genuine struggle to preserve safety and security in difficult times.