Growing Cyber Threats: SEA and Other U.S. Airports Face Escalating Attacks

Last month, The Port of Seattle/Seattle-Tacoma International Airport (SEA), is facing significant challenges after a suspected cyberattack on August 24, 2024, disrupted operations at Seattle-Tacoma International Airport (SEA). The attack led to widespread internet outages, grounded flight information systems, and caused over 400 flight delays and cancellations. While the airport is gradually restoring its systems, critical operations such as baggage sorting and passenger information processing were impacted, requiring manual interventions. Lance Lyttle, Managing Director of Aviation at SEA, reassured the public by stating, 

"Operationally, everything is running close to normal and there have been limited flight cancellations since Saturday [24 August]."

This attack is not an isolated incident, as U.S. airports have become increasingly vulnerable to cyber threats over the past year. Earlier in 2024, hacktivist groups like Anonymous Sudan and the Dark Storm Team launched cyberattacks on San Francisco International Airport (SFO) and Los Angeles International Airport (LAX). These groups targeted U.S. airports due to geopolitical tensions, citing grievances related to U.S. policies and involvement in international conflicts. The attacks on SFO and LAX, much like the SEA incident, highlighted the critical need for enhanced cybersecurity measures to protect essential infrastructure.

The evidence in 2024 is ever increasing of the vulnerability in U.S. infrastructure, as cyberattacks continue to surge at an unprecedented rate. The SEA cyber incident is one of the most significant examples, occurring amid growing foreign interference during the U.S. election period. According to Check Point Research, U.S. utilities have experienced a nearly 70% (Reuters), increase in cyberattacks this year compared to the same period in 2023, underscoring the growing threat to critical infrastructure, especially as the power grid rapidly expands and digitalizes to meet rising energy demands.

As the nation’s utilities, power grids, and port infrastructure become more dependent on digital systems, their vulnerabilities are increasingly exposed, making them prime targets for cyberattacks. The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have also issued warnings about potential Distributed Denial of Service (DDoS) attacks on election infrastructure, which, while not affecting voting integrity, could disrupt access to essential election information, further shaking public confidence in the democratic process.

These incidents reveal a troubling pattern of escalating threats to U.S. infrastructure in 2024. As cybersecurity expert Sam Sabin explained, 

"So many cybersecurity issues come down to basic mistakes, such as re-using passwords on multiple accounts." 

In 2024, the U.S. has faced an alarming pattern of escalating threats to its infrastructure, primarily driven by cybersecurity vulnerabilities that have yet to be adequately addressed. Sam Sabin, a cybersecurity reporter at Axios, has brought critical attention to several pressing issues, including nation-state hacks, ransomware attacks, and business email compromise scams that are increasingly aimed at critical infrastructure. Sabin’s reporting underscores a persistent lack of cyber incident awareness training, which has resulted in frequent human errors—particularly in security protocols and authentication processes within network infrastructure.

These seemingly minor oversights have paved the way for more sophisticated cyber intrusions, exposing key sectors to significant risks. Sabin’s analysis draws a direct line between these failures and the surge in attacks, emphasizing that the weakest links in cybersecurity are often human errors and outdated protocols.

This reinforces the importance of strong password hygiene and multi-factor authentication, along with closer collaboration with third-party vendors to ensure robust defenses. As SEA continues its recovery efforts, the aviation industry as a whole must remain vigilant and prioritize cyber resilience in response to the growing frequency and sophistication of these attacks.