WASHINGTON, D.C.—U.S. Senator Maria Cantwell (D-Wash.), Chair of the Senate Committee on Commerce, Science and Transportation, held a hearing on “Aviation Cybersecurity Threats” at our nation’s capital Wednesday morning, September 18, to examine the cybersecurity threats airports and airlines have been faced with recently, and to discuss how the aviation sector can bolster its resiliency against similar attacks in the future.
“Every time we witness these technology failures, consumers are the ones left holding the bag,” Sen. Cantwell said.
The Seattle-Tacoma International Airport (Sea-Tac) was the latest victim in a wave of cyberattacks against airports nationwide, which began on August 24 and disrupted airport operations for three weeks including gate information displays, baggage handling, and flight check-ins. This further resulted in cancelled and delayed flights for passengers and airport employees having to handwrite tickets and personally direct passengers. Collecting baggage was also a challenge as airport staff had to manually sort thousands of checked bags at the terminal.
Lance Lyttle, Aviation Managing Director for Sea-Tac told the Committee that the airport has successfully thwarted cyberattacks in the past and that she will share the findings of their investigation with the Committee when it is complete.
“We have successfully in the past thwarted denial of service attacks, phishing attacks, and we continuously do exercises. We have internal and external audits that we conduct on a regular basis to minimize the impact of any cyberattacks on our environment,” Lyttle said.
Other airports that have been victims of cyberattacks. In 2022 Chicago’s O’Hare Airport’s website along with 13 other airports were shut down by hackers.
The hacker group behind the Sea-Tac cyberattack—known as Rhysida Ransomware and believed to be a Russian organization—threatened to release sensitive information of airport employees while demanding $6 million in untraceable bitcoin.
In November 2023, Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), warning the public of the ransomware group, who through phishing campaigns and VPNs, have compromised organizations in education, manufacturing, information technology, and government sectors
While most of Sea-Tac Airport’s operations are back online, its website and internal human resource functions remain inoperable.
Following the cyberattack at Sea-Tac, Port of Seattle Executive Director Steve Metruck said that business and government “need to invest in cybersecurity” and “need to be prepared should a cyber [attack] gain access to systems.”
The aviation industry has seen a 74% increase in cyberattacks since 2020, Senator Cantwell shared, emphasizing the importance of cybersecurity to the national economy.
“With the aviation sector contributing more than 5 percent of our GDP, $1.9 trillion in total economic activity, and supporting 11 million jobs, we have to wake up and take these aviation cyberthreats seriously,” said Sen. Cantwell Wednesday. “As we saw in the 1990s, when weaknesses in the power grid exposed the system to catastrophic failures, we have a similar situation today in the aviation sector. Like with the utility industry, the solution has to be a strong national standard for resiliency, and organizations committed to the highest standard – whether that’s voluntary as an organization, or something stronger. Because every time we witness these technology failures, consumers are the ones left holding the bag.”
Senator Cantwell was among many of the hundreds of thousands of passengers affected during Sea-Tac’s disruption caused by the Rhysida ransomware hackers in August. She shared her experiences Wednesday having to navigate the airport without knowing if she was headed the right way to her gate, or if there had been any cancellations or delays to her flight.
“Sea-Tac’s situation isn’t unique,” said Cantwell. “Across the country, we’ve seen troubling examples of cyber vulnerabilities in our aviation sector. In 2020, a hacker accessed internal systems at San Francisco International Airport. In 2020, San Antonio Airport had its website spoofed. And let’s not forget the 2015 incident where a hacker claimed he had access to a United Airlines flight’s controls through the in-flight entertainment system,”
The FAA Reauthorization bill, which was signed into law in May 2024, included a subtitle strengthening cybersecurity, including directing the FAA to establish a process to track and evaluate aviation cyber threats, and designating a Cybersecurity Lead at the Agency. Just last year, the Transportation Security Administration (TSA) and FAA both issued cybersecurity requirements for airports and airline operators.
The new TSA emergency amendment requires TSA-regulated entities to develop an implementation plan describing measures to improve cybersecurity resilience and prevent disruption and degradation to their infrastructure.
Sen. Cantwell said that cyberattacks and other recent technology outages in aviation—such as the NOTAM failure, the Southwest meltdown, or the CrowdStrike outage—have made it clear that “brittle infrastructure won’t cut it.”
Also attending Wednesday’s committee was Ranking Member Senator Ted Cruz (R-Texas), Marty Reynolds, Brigadier General, USAF (Retired), Managing Director for Cybersecurity, Airlines for America, Lance Lyttle, Aviation Managing Director, Seattle-Tacoma International Airport, John Breyault, Vice President of Public Policy, Telecommunications and Fraud, National Consumers League.