The Seattle-Tacoma International Airport (SEA) in Washington is facing disruptions following a potential network breach as authorities ask travelers to confirm flight status with their airlines.
“Earlier this morning, the Port of Seattle experienced certain system outages indicating a possible cyberattack. The Port isolated critical systems and is in the process of working to restore full service and do not have an estimated time for return.”
The airport continued to see some delays and cancellations on Aug. 25, with 23 flights affected by such disruptions as of 4 a.m. EDT.
The incident compromised information such as full names, email addresses, company names, and plane model numbers, HackManac said. A threat actor named “InterlBroker” claimed responsibility for the attack.
Aviation Cyber Risk
A recent report by data security firm SecurityScorecard found that the global aviation industry scored a “B” rating for cybersecurity.“While this isn’t a failing grade, significant disparities exist. Organizations with a B rating are 2.9x more likely to be victims of data breaches than those with an A rating,” it said in a statement.
“Notably, aviation-specific software and IT vendors score the lowest, with a mean score of 83, posing substantial third-party risks for their airline customers.”
Seven percent of sampled companies had publicly reported breaches last year, and 17 percent had evidence of at least one compromised machine.
SecurityScorecard recommended that the aviation sector enhance the protection of key data and refrain from paying ransoms to minimize the incentive for criminals to carry out further attacks.
Ryan Sherstobitoff, senior vice president of threat research and intelligence at the firm, said airlines are “flying bling on third-party risks.” He called on the industry to prioritize security measures across the aviation ecosystem before “turbulence turns into a disaster.”
The “emergency action” was taken after “persistent cybersecurity threats against U.S. critical infrastructure, including the aviation sector.”
The amendment required entities regulated by the TSA to develop an approved plan describing policies taken to boost cybersecurity resilience and prevent disruption to infrastructure.
TSA Administrator David Pekoske pointed out that the amendment “extends similar performance-based requirements that currently apply to other transportation system critical infrastructure.”
The proposal seeks to standardize how the FAA addresses cybersecurity risks, which would end up “reducing certification costs and time while maintaining the same level of safety provided by current special conditions.”