New York’s Albany Airport Pays Ransom

Uploaded on 2020-01-20 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Albany County Airport Authority has disclosed a cyberattack on their systems. The New York Airport systems fell prey to Sodinokibi attack. According to local TV station reports the security incident happened at the Albany International Airport over the busy Christmas holiday period. 

The malware infection affected numerous administrative servers of the airport. Fortunately, it did not affect the routine operations and targeted the servers of the IT firm the airport contracted for computer management.

From this infected server, the ransomware then spread on the entire network affecting all systems. In addition, the ransomware also infected their backup, leaving them with no option for recovering lost data. They assured that the security incident did not affect any airline computers. Nor did it impact travellers personal information in any way.

Ransom Demanded and Paid
Upon detecting the ransomware infection, the Airport authority notified New York State Cyber Command and the FBI about the incident. Furthermore, they have also found help from the local computer services comnany ABS Solutions.

Despite their measures, the Airport authorities could not access their data. Eventually, they had to pay the ransom to the attackers. 

An airport spokesperson, has been reported to say that they got back access their data four hours after paying the ransom. ​Though, he did not specify the exact amount ransom demanded by the attackers it is thought to be below six figures. 

The airport also worked with its cyber insurance provider to pay the ransom and unlock the impacted servers, which required sending bitcoin to a Russian actor known as Sodinokibi using the same attack method hat has disabled the finacial services operataions of Travelex. 

The servers that were encrypted during the ransomware attack contained archival airport data, including legal, administrative and HR files. A forensic analysis determined that no consumer information, such as credit card data, was impacted.

The airport has since severed its relationship with its original IT contrcator and is working with a new service supplier  to redesign its computer servers internally.

City And State NY:       Latest Hacking News:        Albany Business Review

You Might Also Read:

Travelex Ransom Demand Is Doubled:

Cyber Insurance Might Actually Encourage Attacks:

 

 

« Can A 5G Network Really Be Secure?
Why An Effective Security Culture Is Essential For Your Organisation »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Security Network

Cyber Security Network

Cyber Security Network provide specialist cyber security recruitment services.

Bundesdruckerei

Bundesdruckerei

Bundesdruckerei specializes in secure identity technologies and services for protecting sensitive data, communications and infrastructures.

Wavestone

Wavestone

Wavestone is a strategy and technology consulting company with areas of expertise including digital transformation and cybersecurity.

IronScales

IronScales

IronScales combines human intelligence with machine learning to automatically prevent, detect and respond to email phishing attacks.

Cybernetic Global Intelligence (CGI)

Cybernetic Global Intelligence (CGI)

CGI is a global IT Security firm that helps companies protect their data and minimize their vulnerability to cyber threats through a range of services such as Security Audits and Managed Services.

Atempo

Atempo

Atempo is a leading independent European-based software vendor with a global presence. We provide solutions to protect, store, move and recover all your data.

Invensity

Invensity

INVENSITY is an interdisciplinary technology and innovation consulting company. Centres of excellence include Cyber Security and Data Privacy.

Polish Centre for Accreditation (PCA)

Polish Centre for Accreditation (PCA)

PCA is the national accreditation body for Poland. The directory of members provides details of organisations offering certification services for ISO 27001.

Novastor

Novastor

NovaStor® is an award-winning, international data backup and recovery software company with solutions supporting physical, virtual and cloud environments.

CybExer Technologies

CybExer Technologies

CybExer provide an on-premise, easily deployable solution for complex technical cyber security exercises based on experience in military grade ranges.

EOL IT Services

EOL IT Services

EOL IT Services is the UK’s most accredited provider of IT Asset Disposal (ITAD), Lifecycle Services and Data Destruction.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Asia Center of Excellence for Smart Technologies (ACES)

Asia Center of Excellence for Smart Technologies (ACES)

ACES is a one-stop competency center and incubator for the development of Industry 4.0 and associated technologies including cybersecurity, robotics, IoT and Big Data.

Kontron

Kontron

Kontron offers a combined portfolio of secure hardware, middleware and services for Internet of Things (IoT) and Industry 4.0 applications.

riskmethods

riskmethods

riskmethods helps you proactively identify, assess and mitigate supply chain risk. You need to master supply chain risk management—we can help.

Hexens

Hexens

Hexens introduces a whole new approach to cybersecurity solutions. Indisputable skills and a unique super-focused perspective on every single case are the values we create.