City officials: No hacking, no ransom demanded in Cleveland Hopkins International Airport malware incident
CLEVELAND, OH (WOIO) - A 19 News investigation is digging deep and finding out more about a cyber attack at Cleveland Hopkins International Airport.
Cleveland officials are finally offering new details on airport technical woes.
Cleveland officials from the Mayor’s office are reporting no hacking and no ransom demands.
The City reiterated there is no impact to the airport’s security and operations systems.
However, email, airport flight and baggage displays are still currently unavailable.
Sources say the attack is ransomware.
A program that holds a system hostage until a ransom is paid.
“You wanna make sure all your back ups are completely separate from the system that got hacked,” said Paul Sems, a cyber security expert and at TrustedSec.
He routinely launches test attacks on his clients’ systems to make sure there are no gaps.
If there are, he gets them filled in, It gives him a good perspective as to what the city won’t confirm happened and what’s going on.
All the city has said is a tired and misleading phrase that this is an “isolated incident."
“It look like what they’re trying to do is first isolate all the systems."
The second thing is they’re gonna figure out how it got in. Then the third thing they’re gonna do is start doing the restore.” theorized Sems about what is going on behind the scenes.
Had the city kept it’s back up system separate from the one that was hacked none of this would be necessary.
Earlier this year the city of Akron was hacked and a ransom demanded.
They had properly backed up their data.
They ignored the threat and restored everything. That was Akron, this is Cleveland.
“What is pretty clear I would say is the systems that were effected were connected.” said Sems,
Something as simple as an employee opening a link they shouldn’t opens the front door to everything.
The demand for payment in bitcoin is a twist that is a growing tool for thieves.
In an earlier story we reported a Cleveland Public Power customer’s account was hacked.
She was told to make a bitcoin deposit at a kiosk. She didn’t do it.
Copyright 2019 WOIO. All rights reserved.