Cleveland Hopkins International Airport is battling a ransomware attack that knocked out some displays and disabled email, according to multiple reports from Cleveland, Ohio, news outlets.
However, rumors that accounting, payroll and timekeeping systems also were hit are erroneous, according to a statement from the mayor's office. In an April 25 statement, the city also said:
"The City of Cleveland and Cleveland Hopkins International Airport continue working to resolve the technical issues impacting a small number of airport systems. The City reiterates there is no impact to the airport’s security and operations systems.
All airport safety and security operations are functioning as normal. However, email, in-airport flight and baggage displays are currently unavailable. Passengers can find similar flight information online at www.clevelandairport.com or via the airport’s special customer information teams."
The city did not specifically mention ransomware as the IT issue, and Mayor Frank Jackson has not personally commented about the situation. Cleveland Hopkins International Airport is the largest and busiest airport in Ohio, and the 43rd busiest airport in the United States by passenger numbers, according to Wikipedia.
The city has not publicly disclosed whether third-party cyber experts and MSSPs are assisting the cleanup.
Ransomware, Malware Cyberattacks Target Government Systems
Ransomware and malware attacks have frequently targeted municipal IT operations, government and transportation systems in recent months. Example attacks include:
- April 2019: Augusta, Maine, suffered a highly targeted malware attack that froze the city's entire network and forced the city center to close.
March 2019: Albany, New York, suffered a ransomware attack.
March 2019: Jackson County, Georgia officials paid cybercriminals $400,000 after a cyberattack shut down the county’s computer systems.
March 2018: Atlanta, Georgia suffered a major ransomware attack.
February 2018: Colorado Department of Transportation (CDOT) employee computers temporarily were shut downdue to a SamSam ransomware virus cyberattack.
MSSPs Battling, Mitigating Ransomware
Amid the attacks, many MSSPs and MSPs have introduced cybersecurity awareness training — including simulated phishing attacks — to help ensure customers don’t fall for attacks that trigger ransomware malware.
Also, many MSSPs and MSPs have been shifting to next-generation endpoint protection systems that mitigate most ransomware. Some traditional anti-virus packages have been known to overlook the attacks.
As a fail-safe, MSPs have also combined security with business continuity and disaster recovery services, which can restore data after a ransomware attack.