Ransomware group releases screenshots in attempted extortion of Port of Seattle
Cybercriminals targeting the Port of Seattle have demanded a ransom of 100 bitcoin, approximately $5.9 million, threatening to sell stolen data if their demands are not met within seven days. The data purportedly includes sensitive information such as a U.S. passport and tax identification forms with Social Security numbers. The Port of Seattle, along with the Seattle-Tacoma International Airport, has refused to pay the ransom. The attack is attributed to a group known as Rhysida, part of a ransomware-as-a-service operation that has listed nearly 150 victims since its emergence in June 2023. The port experienced system outages on August 24, indicative of a cyberattack, leading to disruptions in services such as baggage handling, check-in kiosks, and Wi-Fi. Efforts to restore affected systems are ongoing, with the majority back online within a week, although some, like the port's website and internal portals, remain offline. The port is committed to assessing the stolen data and notifying impacted stakeholders as appropriate. Malware: Rhysida(Windows), Rhysida, Rhysida(Linux) CVEs: CVE-2020-1472 [View Article](https://cyberscoop.com/ransomware-group-releases-screenshots-in-attempted-extortion-of-port-of-seattle/)