Airline agents are filling out baggage tags by hand as a cyberattack continues to plague SeaTac Airport's computer systems. The attack was apparently launched on Saturday against the Seattle Port Authority, which runs the airport. It led to numerous delays and cancellations over the weekend. As of Monday, there was no end in sight and no prediction on when operations would return to normal.
As software developer (and inactive PPL), after 40+ years in the industry it still amazes me that executives will make bone headed decisions on IT directives. I am sure some Software Engineer in those companies told Suits that they needed to spend money to beef up cyber security, but when told the cost (and they may have to use (gasp) two factor access which is too complicated for them) they seems to say “that costs too much, we’ll gamble our profits on easier”.
At times I really hate 2FA as I try to do my job and access Microsoft Systems, but in the world of today not strengthening cyber security is akin to heading into IFR with iffy instruments; sure you may get lucky, but is it worth the risk.
Sad thing, some IT person will potentially get the axe when it should be mid-level or higher managers.
As someone who had to recover over 200 servers and help with 1500 desktops, I can say this was a huge and needless fiasco. This is not the first time CrowdStrike has done this and it’s not just limited to Windows systems. A few months ago they pood the screwch on Debian Linux systems. Same MO. Not enough testing.
Yours is a good analogy but I liken having marginal, basic security to using needle, ball, and airspeed to fly IFR. Can it be done? Yes. But what are your chances of a successful outcome? Better for some than others.
And I totally agree about 2FA. It’s a necessary PITA.
To be fair, this incident doesn’t appear to be related to the recent CrowdStrike fiasco in any way, even though the graphic chosen to accompany the post is the BSOD that filled the screens of thousands of computers when that programming error took those computers down. On the other hand, the text of this post indicates that this was a deliberate attack against the Seattle Port Authority. Most likely ransomware, but no further details on the nature of the attack are included in the post.
You need to update this. I flew out of SeaTac on Alaska on Monday (Aug 26th) night and all was working except the Arrival and Departure signs. They scanned my luggage and it reached my destination on time.
I am really surprised that there isn’t significant more cyber-crime. It’s easy to carry out and, as is pointed out, some/many/most organisations are ill prepared. It is likely more prevalent than we know because likely not reported and the ransom is often paid in crypto-currency of some sort. If I were in any sort of infra-structure administration, this would be at the top of my list (and of course, there is the crowdstrike own goal).