New York’s Albany Airport Pays Ransom

Uploaded on 2020-01-20 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Albany County Airport Authority has disclosed a cyberattack on their systems. The New York Airport systems fell prey to Sodinokibi attack. According to local TV station reports the security incident happened at the Albany International Airport over the busy Christmas holiday period. 

The malware infection affected numerous administrative servers of the airport. Fortunately, it did not affect the routine operations and targeted the servers of the IT firm the airport contracted for computer management.

From this infected server, the ransomware then spread on the entire network affecting all systems. In addition, the ransomware also infected their backup, leaving them with no option for recovering lost data. They assured that the security incident did not affect any airline computers. Nor did it impact travellers personal information in any way.

Ransom Demanded and Paid
Upon detecting the ransomware infection, the Airport authority notified New York State Cyber Command and the FBI about the incident. Furthermore, they have also found help from the local computer services comnany ABS Solutions.

Despite their measures, the Airport authorities could not access their data. Eventually, they had to pay the ransom to the attackers. 

An airport spokesperson, has been reported to say that they got back access their data four hours after paying the ransom. ​Though, he did not specify the exact amount ransom demanded by the attackers it is thought to be below six figures. 

The airport also worked with its cyber insurance provider to pay the ransom and unlock the impacted servers, which required sending bitcoin to a Russian actor known as Sodinokibi using the same attack method hat has disabled the finacial services operataions of Travelex. 

The servers that were encrypted during the ransomware attack contained archival airport data, including legal, administrative and HR files. A forensic analysis determined that no consumer information, such as credit card data, was impacted.

The airport has since severed its relationship with its original IT contrcator and is working with a new service supplier  to redesign its computer servers internally.

City And State NY:       Latest Hacking News:        Albany Business Review

You Might Also Read:

Travelex Ransom Demand Is Doubled:

Cyber Insurance Might Actually Encourage Attacks:

 

 

« Can A 5G Network Really Be Secure?
Why An Effective Security Culture Is Essential For Your Organisation »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Eden Legal

Eden Legal

Eden Legal provides legal services on commercial and regulatory issues affecting digital businesses.

Zscaler

Zscaler

Zscaler enables the world’s leading organizations to securely transform their networks and applications for a mobile and cloud first world.

Code Dx

Code Dx

Code Dx is a software application vulnerability correlation and management system.

OASIS Open

OASIS Open

OASIS Open is where individuals, organizations, and governments come together to solve some of the world’s biggest technical challenges through the development of open code and open standards.

CERTuy

CERTuy

CERTuy is the national Computer Emergency Response Team for Uruguay.

DefenseStorm

DefenseStorm

DefenseStorm is a Security Data Platform that watches everything on your network and matches it to your policies, providing cybersecurity management that is safe, compliant and cost effective.

Rhebo

Rhebo

Rhebo Industrial Protector monitors and ensures the continuous, correct, and predictable operation of real-time Industrial Control Systems to prevent outages and reduce downtimes.

Secure Decisions

Secure Decisions

Secure Decisions focus on research and product development related to national security including information assurance, computer network defense, cyber security education, and application security.

Payatu

Payatu

Payatu Technologies is a security testing and services company specialized in Software, Application and Infrastructure security assessments and deep technical security training.

Asvin

Asvin

Asvin provides secure update management and delivery for Internet of Things - IoT Edge devices.

Intuity

Intuity

The Intuity suite of services provides companies with a complete awareness of their security status and helps them in an efficient, efficient and sustainable improvement process.

Nemko

Nemko

Nemko offers testing, inspection, and certification services worldwide, mainly concerning products and systems, but also for machinery, installations, and personnel.

Beyond Identity

Beyond Identity

Beyond Identity employs an elegantly simple concept, the personal certificate authority and self signed certificates, to replace passwords.

Wiser Market

Wiser Market

Wiser Market is a leading company in global online brand protection services, intellectual property protection, anti-Counterfeit & trademark infringements.

Soteria

Soteria

Soteria is a global leader in the development, integration and implementation of advanced cyber security, intelligence and IT solutions, delivering complete end-to-end solutions.

Seers

Seers

Seers is the world’s leading privacy & consent management platform for companies worldwide. Trusted by over 50,000+ businesses.