New York’s Albany Airport Pays Ransom

Uploaded on 2020-01-20 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Albany County Airport Authority has disclosed a cyberattack on their systems. The New York Airport systems fell prey to Sodinokibi attack. According to local TV station reports the security incident happened at the Albany International Airport over the busy Christmas holiday period. 

The malware infection affected numerous administrative servers of the airport. Fortunately, it did not affect the routine operations and targeted the servers of the IT firm the airport contracted for computer management.

From this infected server, the ransomware then spread on the entire network affecting all systems. In addition, the ransomware also infected their backup, leaving them with no option for recovering lost data. They assured that the security incident did not affect any airline computers. Nor did it impact travellers personal information in any way.

Ransom Demanded and Paid
Upon detecting the ransomware infection, the Airport authority notified New York State Cyber Command and the FBI about the incident. Furthermore, they have also found help from the local computer services comnany ABS Solutions.

Despite their measures, the Airport authorities could not access their data. Eventually, they had to pay the ransom to the attackers. 

An airport spokesperson, has been reported to say that they got back access their data four hours after paying the ransom. ​Though, he did not specify the exact amount ransom demanded by the attackers it is thought to be below six figures. 

The airport also worked with its cyber insurance provider to pay the ransom and unlock the impacted servers, which required sending bitcoin to a Russian actor known as Sodinokibi using the same attack method hat has disabled the finacial services operataions of Travelex. 

The servers that were encrypted during the ransomware attack contained archival airport data, including legal, administrative and HR files. A forensic analysis determined that no consumer information, such as credit card data, was impacted.

The airport has since severed its relationship with its original IT contrcator and is working with a new service supplier  to redesign its computer servers internally.

City And State NY:       Latest Hacking News:        Albany Business Review

You Might Also Read:

Travelex Ransom Demand Is Doubled:

Cyber Insurance Might Actually Encourage Attacks:

 

 

« Can A 5G Network Really Be Secure?
Why An Effective Security Culture Is Essential For Your Organisation »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Attivo Networks

Attivo Networks

Attivo Networks is an award winning provider of deception for in-network threat detection, attack forensic analysis, and continuous threat response.

Clearwater Compliance

Clearwater Compliance

Clearwater Compliance specialize in Privacy, Security, Compliance and Risk Management Solutions for Health Care, Law Firms and other businesses.

Karlsruhe Institute of Technology (KIT)

Karlsruhe Institute of Technology (KIT)

KIT is a leading research and education institutions with strong capabilities in information systems and security.

Zettaset

Zettaset

Zettaset’s XCrypt Data Encryption Platform delivers proven protection for Object, Relational/SQL, NoSQL, and Hadoop data stores…in the cloud and on-premises.

RunSafe Security

RunSafe Security

RunSafe Security is the pioneer of a patented cyberhardening transformation process designed to disrupt attackers and protect vulnerable embedded systems and devices.

QA

QA

QA is a leading IT training provider in the UK with over 1,500 courses covering all areas of IT including Cyber Security.

PhishX

PhishX

PhishX is a SaaS platform for security awareness that simulates Cyberthreats, train people, while measure and analysis results, reducing Cybersecurity risks for People and Companies.

ITRecycla

ITRecycla

ITRecycla are specialists in the protection of sensitive computer data by data destruction, re-marketing of reusable computer equipment, computer recycling and disposing of electronic e-waste.

Global Cyber Risk (GCR)

Global Cyber Risk (GCR)

Global Cyber Risk is a technology and advisory services firm that provides first tier cybersecurity services to both large corporations and small and mid-sized businesses.

NodeSource

NodeSource

NodeSource helps organizations run production-ready Node.js applications with greater visibility into resource usage and enhanced awareness around application performance and security.

NuID

NuID

NuID is a pioneer in trustless authentication and decentralized digital identity.

Mjenzi Cloud

Mjenzi Cloud

Mjenzi Cloud is a provider of cloud IaaS solutions including managed backup services, affordable & secure cloud virtual compute/storage/compute services, bare-metal services and cloud security.

Augmenta Cyber Security

Augmenta Cyber Security

Augmenta is a value driven preferred partner in assisting customers with complete cyber security solutions.

National Institute for Research & Development in Informatics (ICI Bucharest)

National Institute for Research & Development in Informatics (ICI Bucharest)

ICI Bucharest is the most important institute in the field of research, development and innovation in information and communication technology (ICT) in Romania.

Appalachia Technologies

Appalachia Technologies

Appalachia is a full service Managed Services Provider with a focus on cybersecurity, backed by the best engineers.

CCX Technologies

CCX Technologies

CCX Technologies design and develop a wide range of cybersecurity and testing solutions for the aviation, and military and government markets.