Earlier this month, Cleveland Hopkins International Airport was hit with a debilitating ransomware attack. On April 21, the transportation hub’s displays, email, payroll, and record-keeping systems were all shut down by malicious software. Though arriving and departing flights and security were not affected, officials were not able to regain control of the airport systems for several days.
Initially, Cleveland Mayor Frank Jackson described the problem as “an isolated technical incident.” However, on April 29, the Federal Bureau of Investigation (FBI) noted the temporary shutdown was caused by a ransomware infection. The agency also revealed the hackers behind the attack made no demands.
FBI Supervisory Special Agent Bryan Smith told the press the investigation into the attack could take years to close.
Other Civic Infrastructure Ransomware Attacks
The Cleveland airport is only the most recent in a string of civic ransomware attacks. On March 31, the city of Albany, New York had to contend with a disruptive malware problem. The city’s police department and other municipal agencies lost access to their digital networks once the cyber infection took hold.
Consequently, police officers had to write out incident reports and no birth, death, or marriage certificates could be issued. Albany officials were able to resume normal operations two days after the attack took place.
Atlanta also had to deal with a major ransomware problem in March 2018. The malware affecting the city compromised a number of government systems, including local utilities, police and courts databases, and the public Wi-Fi at Jackson Atlanta International Airport. Hackers demanded six Bitcoins ($51,000) to release the city’s digital infrastructure.
Despite the intervention of the FBI, Department of Homeland Security, Secret Service, and a private cybersecurity firm, Atlanta’s government was offline for almost a week. When the dust settled, authorities prosecuted two Iranian hackers for the attack. Additionally, though the city’s leaders refused to pay the ransom, it cost $17 million to repair the municipality’s infrastructure.
The Airport Security Vulnerability
Investigators found cybercriminals were able to infiltrate Atlanta’s civic networks because they were dangerously insecure. In fact, auditors found around 2,000 vulnerabilities in the city’s networks. While antiquated civic cybersecurity is a big problem, a recent federal interoperability initiative makes the issue even more pressing.
Last month, The Burn-In reported U.S. Customs and Border Protection (CBP) was outfitting the nation’s biggest airports with facial recognition scanners. Notably, while the CBP maintains the biometric system, the agency charged individual airlines with sourcing their own equipment. Given the recent spate of ransomware attacks that have affected municipal networks, federal-local data interoperability could be a major problem.
For instance, let’s say a hacker infects the digital infrastructure of a major American city with a nasty piece of malware. If the malicious program affects local airports as it did in Atlanta and Cleveland, it might capture and encrypt biometric data on millions of Americans. Provided local authorities don’t pay the ransom, cybercriminals could then sell a wealth of private records to the highest bidder.
City governments across the country are under pressure to give basic services to millions of people under tight conditions. As such, it’s not uncommon for infrastructural elements to become neglected. But if municipal digital data networks don’t receive 21st-century cybersecurity upgrades, future civic ransomware attacks will truly be devastating.