Airports were once again subject to ransomware attacks this week as the Louisville Regional Airport Authority (the managing entity for Louisville Muhammad Ali International Airport and Bowman Field) fell victim. The good news in this case is that the attack was isolated, the issue contained, and data restored. Hats off to the team at LRAA for their work! You can read more about this story in the Courier Journal.
As we’ve seen with Cleveland, Atlanta, Bristol, and countless others, airports have become a major target for cyberattack. Not only that, over twenty US municipalities have been caught in similar situations, leading to loss of services and discontinuity of operations. Since over 70% of airports in the US are owned and operated by municipalities, we can expect to see more incidents sooner rather than later.
The LRAA incident shows that there are strategies that can help mitigate the risk associated with these types of incidents. In their case, isolation and reaction time was key: while the event did occur, their teams were able to maintain business operations and restore key systems in an effective manner.
Cybersecurity incidents will happen: it’s only a matter of time. This includes cities, airports, and private companies. What matters is proper assessments, planning, controls, and response plans are in place so that business can continue to operate and there is no risk to the safety of customers and citizens. Unfortunately, without proper plans in place, it’s only a matter of time until incident negatively affects safety. It is imperative that organizations and governments dedicate time to putting plans and measures in place to prevent that from happening.