New York’s Albany Airport Pays Ransom

Uploaded on 2020-01-20 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Albany County Airport Authority has disclosed a cyberattack on their systems. The New York Airport systems fell prey to Sodinokibi attack. According to local TV station reports the security incident happened at the Albany International Airport over the busy Christmas holiday period. 

The malware infection affected numerous administrative servers of the airport. Fortunately, it did not affect the routine operations and targeted the servers of the IT firm the airport contracted for computer management.

From this infected server, the ransomware then spread on the entire network affecting all systems. In addition, the ransomware also infected their backup, leaving them with no option for recovering lost data. They assured that the security incident did not affect any airline computers. Nor did it impact travellers personal information in any way.

Ransom Demanded and Paid
Upon detecting the ransomware infection, the Airport authority notified New York State Cyber Command and the FBI about the incident. Furthermore, they have also found help from the local computer services comnany ABS Solutions.

Despite their measures, the Airport authorities could not access their data. Eventually, they had to pay the ransom to the attackers. 

An airport spokesperson, has been reported to say that they got back access their data four hours after paying the ransom. ​Though, he did not specify the exact amount ransom demanded by the attackers it is thought to be below six figures. 

The airport also worked with its cyber insurance provider to pay the ransom and unlock the impacted servers, which required sending bitcoin to a Russian actor known as Sodinokibi using the same attack method hat has disabled the finacial services operataions of Travelex. 

The servers that were encrypted during the ransomware attack contained archival airport data, including legal, administrative and HR files. A forensic analysis determined that no consumer information, such as credit card data, was impacted.

The airport has since severed its relationship with its original IT contrcator and is working with a new service supplier  to redesign its computer servers internally.

City And State NY:       Latest Hacking News:        Albany Business Review

You Might Also Read:

Travelex Ransom Demand Is Doubled:

Cyber Insurance Might Actually Encourage Attacks:

 

 

« Can A 5G Network Really Be Secure?
Why An Effective Security Culture Is Essential For Your Organisation »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

RSA Conference

RSA Conference

RSA Conference conducts information security events around the globe that connect you to industry leaders and highly relevant information.

King & Spalding

King & Spalding

King & Spalding is an international law firm with offices in the United States, Europe and the Middle East. Practice areas include Data, Privacy & Security.

Maryman & Associates

Maryman & Associates

Maryman & Associates are specialists in computer forensic investigations, incident response and e-discovery services.

Scantist

Scantist

Scantist is a cyber-security spin-off from Nanyang Technological University (Singapore) which leverages its expertise to provide vulnerability management solutions to enterprise clients.

Keynetic Technologies

Keynetic Technologies

Keynetic focuses on developing cybersecurity solutions for Industry 4.0.

Glilot Capital Partners

Glilot Capital Partners

Glilot Capital Partners is an Israeli seed and early-stage VC. We specialize in businesses which disrupt enterprise technology, mainly in the fields of AI, big data and cybersecurity.

Madrona Venture Group

Madrona Venture Group

Madrona Venture Group invests in seed and early-stage technology companies in areas including cybersecurity.

Havoc Shield

Havoc Shield

Havoc Shield is an all-in-one information security platform that includes everything a growing team needs to secure their remote workforce.

Solvere One

Solvere One

Solvere One is a managed service provider (MSP) focused on corporate consulting and partnership.

SpiderOak

SpiderOak

SpiderOak's portfolio of Secure Communication & Collaboration products ensure the confidentiality, integrity, and availability of your most sensitive data in any environment.

Pathlock

Pathlock

Pathlock (formerly Greenlight) help enterprises and organizations automate the enforcement of any process, access, or IT general control, for any business application.

Tozny

Tozny

Tozny offers products with security and privacy in mind that are built on the foundation of end-to-end encryption, and open-source verifiable software.

OSC Edge

OSC Edge

OSC was founded with the vision of providing expert solutions in IT to government and businesses. OSC Edge empowers organizations with solutions that prepare them for today and tomorrow.

Sentryc

Sentryc

Sentryc provides automated monitoring of brands on online marketplaces and social media making online brand protection processes faster, more clearly structured and more efficient.

Crypto Legal

Crypto Legal

Crypto Legal is a leading UK-based law firm specialising in blockchain forensics and legal services.

Third Wave Innovations

Third Wave Innovations

Third Wave Innovations (formerly RCS Secure) offers a full spectrum of cybersecurity safeguards and IT services.