Hopkins International Airport is battling a ransomware attack that knocked out some displays and disabled email, according to multiple reports from Cleveland, Ohio. Hopkins International Airport is the largest and busiest airport in Ohio, and the 43rd busiest airport in the United States by passenger numbers, according to Wikipedia.
The City of Cleveland and Hopkins International Airport continues to work in order to resolve the technical issues impacting a small number of airport systems. The City reiterates there is no impact to the airport’s security and operations systems.
All airport safety and security operations are functioning as normal. However, email, in-airport flight and baggage displays are currently unavailable. Passengers can find similar flight information online at www.clevelandairport.com or via the airport’s special customer information teams.
Amid the attacks, many MSSPs and MSPs have introduced cybersecurity awareness training — including simulated phishing attacks — to help ensure customers don’t fall for attacks that trigger ransomware malware.
Also, many MSSPs and MSPs have been shifting to next-generation endpoint protection systems that mitigate most ransomware. Some traditional anti-virus packages have been known to overlook the attacks. As a fail-safe, MSPs have also combined security with business continuity and disaster recovery services, which can restore data after a ransomware attack.
“You wanna make sure all your backups are completely separate from the system that got hacked,” said a cyber-security expert. He routinely launches test attacks on his clients’ systems to make sure there are no gaps.
If there are, he gets them filled in, it gives him a good perspective as to what the city won’t confirm happened and what’s going on. All the city has said is a tired and misleading phrase that this is an “isolated incident.” It looks like what they’re trying to do is first isolate all the systems.
The second thing is they’re going to figure out how it got in. Then the third thing they’re going to do is start doing the restore. As theorized by security experts about what is going on behind the scenes.
Earlier this year the city of Akron was hacked and a ransom was also demanded.
Lucky for them, they had properly backed up their data.
They ignored the threat and restored everything. But that was Akron, this is Cleveland.
What is pretty clear is the systems that were effected were connected. Something as simple as an employee opening a link they shouldn’t, opens the front door to everything.
The demand for payment in bitcoin is a twist that is a growing tool for thieves.
Had the city kept its back up system separate from the one that was hacked none of this would have been necessary.