back to article Seattle airport 'possible cyberattack' snarls travel yet again

The Port of Seattle, which operates the Seattle-Tacoma International Airport, is investigating a "possible cyberattack" after computer outages disrupted the airport's operations and delayed flights. The internal internet and web systems outage occurred early Saturday morning, according to an Xeet by the official account …

  1. oreosRnice

    Lets rethink these things.

    I think it’s time these “critical” infrastructure systems became disconnected from the internet.

    Or at lease employed a significantly tight and secure network. A singular company being able to push an unverified patch that crippled travel across the globe….. time for new ideas.

    Is it more automation? Bring back the human element? Since apparently the human error argument can’t be used. Or who ever is maintaining these networks needs to be replaced with someone more competent.

    1. Anonymous Coward
      Anonymous Coward

      Re: Lets rethink these things.

      If you say "who ever is maintaining these networks needs to be replaced with someone more competent" then would the current attitude replace them with AI? This is not a complaint but networks seem to be designed in a way that makes hacking too easy.

    2. EricM Silver badge

      RCA

      > Is it more automation?

      Well, more automation with poorly understood failure modes is exactly what brought us to the current status.

      my personal Root Cause Analysis : The whole security thingy has been so fu**ed up in 3 simple steps:

      1) Deploying knowingly insecure Windows OS to run critial systems - I'm in this industry since 1991 and I never understood how you can select any incarnation of Windows since then to run server workloads.

      2) Trying to "fix Windows Security" with layers over layers of 3rd party AV/EDR snake oil that depends on high-frequency updates and introduces its own bugs and attack vectors, AI, Machine Learning, whatever to somehow remediate just the known Win security problems

      3) Create general rules like PCI DSS, NIST, etc., that codify the resulting over-complex mess and make it mandatory for everyone, even those using sane operating systems. Note this is usually named "compliance", not "security", for obvious reasons ...

      Result: A wrong update of a major EDR company in 2024 can take out a good part of the commercial Internet servers over night.

      Not only Windows, Linux, too.

      So we tried to minimize Risk A (Windows Security) by creating Risk B (DOS by EDR), which is more probabable, more severe and escalates easily to an international, industry-wide scale.

      And it does not even really fix the original problem - Windows security.

      Rethinking this might be a very good approach.

      1. Anonymous Coward
        Boffin

        Re: RCA

        Bookmark the above post!

        DoS by EDR: Denial of Service attack by Endpoint Detection and Response

      2. Denarius

        Re: RCA

        Eric, upvoted. I wish I could do a 100 times. Root cause issue covered in kludges with no hope of fixing, IMHO, due to sunk cost fallacy and the crop of PHBs infesting the layers of bureaucracy and C suite.

      3. Marty McFly Silver badge
        Coat

        Re: RCA

        >Begin Beavis & Butthead voice over<

        Uh, huh, huh, huh...

        He said "Windows Security"

  2. spuck

    They probably got hacked because they uninstalled Crowdstrike last month. :ducks:

  3. Mark Exclamation

    "....according to an Xeet...." - should it not be "a Xeet"? I am assuming it is pronounced "Zeet"?

    1. Anonymous Coward
      Anonymous Coward

      I heard it was pronounced “poop”

      1. Anonymous Coward
        Anonymous Coward

        I love the word poop - it's so descriptive of the actual activity - a sort of open-and-shut action, if you like

    2. MyffyW Silver badge

      I would posit it should be a "Xhit", pronounced with a soft, lisping s.

      Xhit, because that is the quality of most of the message contents.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like