Officials from the Cleveland Mayor’s Office are reportedly downplaying the significance of what appears to have been a successful ransomware attack on flight info, baggage and email systems at the Cleveland Airport, WTOC reports.
Those systems are currently down, though “no hacking” has taken place and “no ransom” has been demanded, the Mayor’s Office claims.
Officials have also stated that security and operational systems have not been affected.
Sources to WTOC, however, claim the Cleveland airport systems have been downed by ransomware.
Ransomware is a malicious type of software typically proliferated via infectious links in emails or infected links at popular websites.
Hackers can buy malware on the Dark Net, where they can also buy huge lists of stolen and potentially valuable corporate and institutional emails.
Legion infected emails may be sent indiscriminately or may be targeted at key individuals who have been identified, profiled and targeted with very tailored emails.
One employee at a cryptocurrency exchange was identified by hackers as a dog lover, for instance, and special “dog lover” emails and a website were created to entice that person to click infectious links.
That person did so, and the exchange they worked at was subsequently robbed in a hack.
According to WTOC, IT security staff at the Cleaveland airport appear to have not backed up the systems affected by the hack, which is why those systems are still down.
“You wanna make sure all your back ups are completely separate from the system that got hacked,” Paul Sems, a cyber security expert at TrustedSec told the outlet.
Sems reportedly, “…routinely launches test attacks on his clients’ systems to make sure there are no gaps.”
He says staff at the Cleveland airport are likely observing the following protocols in the aftermath of the attack:
“It look like what they’re trying to do is first isolate all the systems…The second thing is they’re gonna figure out how it got in. Then the third thing they’re gonna do is start doing the restore.”
Ransomware attacks can be very costly. A ransomware attack on the large metal-producing company Norsk Hydro in March of this year, for instance, reportedly induced the company to replace hundreds of computers.
Removing traces of Trojan malware and ransomware from remaining systems can also take hundreds of man-hours. Experts have warned that if not properly removed, malware can be reactivated.
WTOC writes that the city of Akron, Ohio, was also hit by a ransomware attack earlier this year though all affected systems there were backed up.