New York’s Albany Airport Pays Ransom

Uploaded on 2020-01-20 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Albany County Airport Authority has disclosed a cyberattack on their systems. The New York Airport systems fell prey to Sodinokibi attack. According to local TV station reports the security incident happened at the Albany International Airport over the busy Christmas holiday period. 

The malware infection affected numerous administrative servers of the airport. Fortunately, it did not affect the routine operations and targeted the servers of the IT firm the airport contracted for computer management.

From this infected server, the ransomware then spread on the entire network affecting all systems. In addition, the ransomware also infected their backup, leaving them with no option for recovering lost data. They assured that the security incident did not affect any airline computers. Nor did it impact travellers personal information in any way.

Ransom Demanded and Paid
Upon detecting the ransomware infection, the Airport authority notified New York State Cyber Command and the FBI about the incident. Furthermore, they have also found help from the local computer services comnany ABS Solutions.

Despite their measures, the Airport authorities could not access their data. Eventually, they had to pay the ransom to the attackers. 

An airport spokesperson, has been reported to say that they got back access their data four hours after paying the ransom. ​Though, he did not specify the exact amount ransom demanded by the attackers it is thought to be below six figures. 

The airport also worked with its cyber insurance provider to pay the ransom and unlock the impacted servers, which required sending bitcoin to a Russian actor known as Sodinokibi using the same attack method hat has disabled the finacial services operataions of Travelex. 

The servers that were encrypted during the ransomware attack contained archival airport data, including legal, administrative and HR files. A forensic analysis determined that no consumer information, such as credit card data, was impacted.

The airport has since severed its relationship with its original IT contrcator and is working with a new service supplier  to redesign its computer servers internally.

City And State NY:       Latest Hacking News:        Albany Business Review

You Might Also Read:

Travelex Ransom Demand Is Doubled:

Cyber Insurance Might Actually Encourage Attacks:

 

 

« Can A 5G Network Really Be Secure?
Why An Effective Security Culture Is Essential For Your Organisation »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DataGuidance

DataGuidance

DataGuidance is a platform used by privacy professionals to monitor regulatory developments, mitigate risk and achieve global compliance.

Webroot

Webroot

Webroot delivers next-generation endpoint security and threat intelligence services to protect businesses and individuals around the globe.

Civica

Civica

Civica provides cloud-based managed IT services, hosting and outsourcing.

Device Authority

Device Authority

Device Authority specialises in security automation for the Internet of Things (IoT).

AEI Cybersecurity

AEI Cybersecurity

AEI brings together companies, Research Centres, Universities, and other organizations interested in promoting new cybersecurity technologies.

AllClear ID

AllClear ID

AllClear ID provides products and services that help protect people and their personal information from threats related to identity theft.

FixMeStick

FixMeStick

FixMeStick is a virus removal device, a USB key that removes malware conventional antivirus software often can’t detect.

Netresec

Netresec

Netresec is an independent software vendor with focus on the network security field. We specialize in software for network forensics and analysis of network traffic.

CyberGhost

CyberGhost

CyberGhost is a Virtual Private Network services provider offering secure encrypted access to the internet.

ACPL Systems

ACPL Systems

We offer leading-edge technology solutions, expert professional and managed services and proven methodologies to ensure your data is protected and business risks are reduced.

PBOSecure

PBOSecure

PBOSecure is a dynamic and progressive IT consultancy company specializing in IT and Industrial Control System (ICS) security.

Red Piranha

Red Piranha

Red Piranha's Crystal Eye Unified Threat Management Platform is designed for Managed Service Providers and corporations that need extreme security that is both easy to use and affordable.

Otlo

Otlo

Otlo delivers affordable, trustworthy solutions that identify cyber threats, improve and protect your digital security, helping you take control with our sector-specific expertise.

Carve Systems

Carve Systems

Carve Systems was founded to bring enterprise level information security, training, and risk management services to organizations of any size and industry.

Capital Network Solutions

Capital Network Solutions

Capital Network Solutions are a highly accredited managed IT services and consultancy provider, specialising in cyber security, infrastructure and communications.

Truly Secure

Truly Secure

Truly Secure is an IT Service Provider that ensures greater efficiency and security within a company's technological environment.