What Airports Need to Know About Avoiding Ransomware Attacks

Over the past few years, state, local, and education (SLED) organizations have become a major target of ransomware attacks, and the intensity of the threat has only increased in the wake of the COVID pandemic. As key parts of municipal infrastructure, transit centers, such as airports, are particularly attractive targets.

Cybercriminals have used ransomware to attack 3 airports and transit centers in 3 successive years. Understanding why these attacks occur and how to prevent them is becoming critical.

To avoid ransomware attacks, airports and transit centers must re-examine how they implement IoT, conduct security assessments, find the right security tools, continuously monitor their networks on a 24x7x365 basis, and educate users.

Ransomware Attacks on Airports and Transit Centers

In 2021, the Toronto, Canada Transit Commission experienced a ransomware attack that exposed more than 25 thousand employees’ data and disrupted visual communications. In 2020, the managed services provider for the Albany, NY airport was breached by ransomware, forcing the airport to pay a five-figure ransom in Bitcoin. The year before, in 2019, the Cleveland, Ohio airport had some of its services disrupted by a ransomware attack.

More recently, U.S. airports experienced distributed denial of service (DDoS) attacks that are suspected to have been launched by Russian hackers. The airports impacted included New York’s La Guardia, Atlanta, LAX, and Chicago’s O’Hare.

Other airports and transit centers can learn from these traumatic incidents so they can uncover and understand potential vulnerabilities to better defend against ransomware.

Risks of IoT

As airports and transit centers embrace IoT, they expand the attack surface available to cybercriminals. Each connected device is an endpoint that can be breached by a hacker using ransomware or another form of malware.

Adopting IoT applications expands the network surface, creating more opportunities for a breach. Airports need to embed their IoT applications properly to avoid risk. By better understanding transportation industry applications and using the right process to vet them before putting them on the network, airports can reduce the risk presented by IoT.

Security Assessments

Airports shouldn’t need to wait for a transit center to fall victim to learn where ransomware vulnerabilities lie. Instead, airports and transit centers should conduct regular security assessments.

Periodic security assessments allow airports to evaluate their security posture and improve it routinely to keep up with changes in the risk landscape. Ransomware has evolved over the years to use different attack vectors, so your organization needs to adapt its security continuously to keep up.

The Right Security Tools

Part of what security assessments can determine is whether airports are using the right tools to monitor their network and manage risk. Tools such as managed detection and response (MDR) can prevent ransomware attacks from occurring. Not only can MDR alert your organization that an incident is occurring, but it can prevent it from happening again.

Working with a managed services provider (MSP) can give your airport or transit center access to the resources of a network operations center (NOC) and security operations center (SOC) for 24/7/365 monitoring and response.

The Right Security Skills

Airports and transit centers need the security skill sets around ransomware and malware, not only for their IT staff, but for all employees. A growing security skills gap combines with evolving cybersecurity threats to deprive transit centers of the resources and security coverage adequate to prevent ransomware attacks. Airports need more IT security staff members, and these staff members need to be trained on the latest security measures.

Employees also need security awareness training. Without training on how to recognize and avoid phishing emails, employees can be a liability, exposing airport systems to ransomware.

Where to Find a One-Stop Shop for Transportation Security

A lot of puzzle pieces need to be in place to protect airports and transit centers from ransomware. Working with the right managed services provider can ensure your organization has all the tools, assessments, and experts you need.

NetXperts understands the transportation industry and can augment your staff by providing the security expertise you need while implementing management and monitoring tools. Our sister company Quadrant offers a team of talented cybersecurity analysts that can act as an extension of your airport security team with 24/7/365 managed security monitoring, AI/ML-informed threat detection, and rapid incident response.

Unlike our competitors, we still act as a small business. We are accountable and available only a text or call away.

As a Cisco Gold Certified Partner, NetXperts can provide the Cisco security tools and expertise needed to protect transit centers, including Secure X, Umbrella, Duo, and Talos.

Find out more about how we can assess your organization’s security. Reach out to NetXperts today and tell us more about your security challenges