Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Christmas Ransomware Attack Hit New York Airport Servers

An upstate New York airport and its computer management provider were attacked by ransomware over Christmas, officials said.

An upstate New York airport and its computer management provider were attacked by ransomware over Christmas, officials said.

Officials at the Albany County Airport Authority announced Thursday that the attack came to light after Schenectady-based LogicalNet reported its own management services network had been breached. From there, the virus spread to the authority’s servers and backup servers, encrypting files.

The attack, which was discovered Christmas Day, encrypted administrative files like budget spreadsheets, but no personal or financial traveler data was accessed, airport officials said, nor did it affect operations at Albany International Airport, which the authority oversees, or Transportation Security Administration or airline computers.

The airport authority’s insurance carrier authorized payment of the bitcoin ransom, which officials would say only was “under six figures,” the Times Union reported. It was paid Dec. 30, and two hours later an encryption key was received, allowing the airport authority to restore its data.

The contract with LogicalNet, which the authority has since terminated, included providing security for the airport’s system, airport authority CEO Philip Calderone said.

LogicalNet did not respond to request for comment from the Times Union.

The New York State Cyber Command and the FBI were notified of the attack, officials said, and assistance was enlisted from another computer systems contractor.

The same strain of ransomware, Sodinokibi, was used in an attack discovered on New Year’s Eve against London-based Travelex, a worldwide foreign exchange services provider.

Advertisement. Scroll to continue reading.

RelatedNew Sodinokibi Ransomware Delivered via Oracle WebLogic Flaw

Related: Pulse Secure VPN Vulnerability Still Widely Exploited, CISA Warns

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

Xage Security has appointed Russell McGuire as CRO and Ashraf Daqqa as VP of the META region.

Solana co-founder Stephen Akridge has been appointed the CEO of data protection firm Cyber Grant.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.