The ransomware attack disrupted the screens for two days.
In a nasty ransomware attack, flight information screens at the United Kingdom’s Bristol airport were taken over and hijacked by malicious hackers on September 15th Friday morning.
The ransomware attack forced the airport staff to go manual by using whiteboards and hand-written information to assist passengers regarding their flight schedule.
Authorities claim that flight operations were not affected by the attack neither did they pay any ransom to cybercriminals and disrupted screens were restored without further delay.
According to an official tweet from Bristol airport “We are currently experiencing technical problems with our flight information screens. Flights are unaffected and details of check-in desks, boarding gates, and arrival/departure times will be made over the public address system. Additional staff are on hand to assist passengers.”
One of the passengers took a snapshot of the affected screen and shared it on Twitter displaying “Out of Service” message.
OUT OF SERVICE We are sorry for the inconvenience. Our Engineers are currently working to resolve the issue as soon as possible.
— Eric Vanderburg (@evanderburg) September 17, 2018
It is unclear what type of ransomware hit the airport’s computer screens, however, restoring the service without paying ransom can be regarded as a victory for the authorities.
“We believe there was an online attempt to target part of our administrative systems and that required us to take a number of applications offline as a precautionary measure, including the one that provides our data for flight information screens. That was done to contain the problem and avoid any further impact on more critical systems,” airport spokesman James Gore told BBC.
The ransomware attack at the Bristol Airport should not come as a surprise since, in July this year, it was reported that hackers were selling access to the security system of a high-profile international airport for only $10. The offer included access to RDP (remote desktop protocol (RDP) access), which is responsible for the key security systems including transit and surveillance as well as building automation system.
Moreover, this is not the first time when an airport has suffered such a cyber attack. In May this year, the airport screens at Mashhad city, in northeast Iran, were hacked and defaced by an unknown group of hackers with messages against the Iranian government. The hackers left images on the arrival and departure monitor screens at the airport displaying statements against the Iranian government and military’s activities and presence in the Middle East.