Cyber incidents are the new summer travel obstacle
Add Axios as your preferred source to
see more of our stories on Google.
Illustration: Shoshana Gordon/Axios
Add cyberattacks to the long list of headaches that travelers have to brace for heading into a busy Labor Day weekend.
Why it matters: System outages and service delays are now a normal part of the flying experience, between last month's CrowdStrike outage and last weekend's cyberattack on Seattle-Tacoma International Airport.
Driving the news: International carriers, as well as Frontier, Spirit, Sun Country and JetBlue, still don't have access to some of the Seattle airport's online ticketing and baggage systems after a cyberattack last weekend.
- The airport's Wi-Fi, electronic displays, TSA wait-time screens, and lost and found were also still offline Thursday.
- On Wednesday, the airport shared photos on X of employees writing gate assignments and departure times on a whiteboard to replace offline monitors.
- The airport has also reassigned some of its employees in other divisions to the terminal floor to assist travelers who may need help navigating their travel without these key online processes.
Flashback: Last month's global CrowdStrike outage — caused by a faulty security update and not a malicious hacker — led to thousands of flight cancellations.
- Delta Air Lines said it suffered at least $500 million in damages and threatened to sue CrowdStrike and Microsoft to recoup the costs.
The big picture: It's not just the aviation industry. Consumers are facing cyberattacks everywhere they go, from hospitals and schools to major retailers.
- Both cybercriminals and nation-state hackers have increasingly been going after U.S. critical infrastructure in recent years.
- This is far from the first time a major cyberattack has disrupted summer travel.
- Back in 2021, drivers were filling up plastic bags with gasoline during Memorial Day weekend over fears of a shortage brought on by the Colonial Pipeline ransomware attack.
What they're saying: "Unfortunately, we're going the wrong way when it comes to the targeting of critical infrastructure by cybercriminals," John Hultquist, chief analyst at Google Cloud's Mandiant, told Axios.
- "Despite increasing pressure and some major wins by law enforcement, they're not deterred. If they'll hit hospitals, they'll hit anything."
Between the lines: Targeting high-profile critical infrastructure is a way for hackers to entice their victims to pay a hefty ransom or to create chaos in adversarial nations.
- The median ransom payment that companies make to hackers is $1.5 million, according to a recent Chainalysis report.
The intrigue: Businesses and governments haven't been able to fend off rogue nation-state hackers or cybercriminals despite years of sanctions and law enforcement crackdowns.
Zoom in: Cybercriminals, in particular, don't have to do much to disrupt a corporate network.
- Combing a leaked trove of stolen login credentials could help them hack into another company — especially if employees are reusing their passwords.
What we're watching: The Seattle airport hasn't yet said what kind of incident it's battling or who may be behind it.
