Ransomware attacks airport authority's servers
By Eric Anderson
Published: 2020-01-09 · Archived: 2026-04-24 02:13:19 UTC
A crypto virus that attacked the Albany County Airport Authority's computer management provider
during the Christmas holiday period ended up infecting the authority's servers as well, encrypting
files and demanding a ransom payment.
Paul Buckowski/Times Union
COLONIE — A crypto virus that attacked the Albany County Airport Authority's computer management provider
during the Christmas holiday period ended up infecting the authority's servers as well, encrypting files and
demanding a ransom payment.
Watch More
The authority's insurance carrier authorized payment of the ransom, which airport CEO Philip Calderone only said
was "under six figures."
Article continues below this ad
Get Digital Access and Stay Informed With Trusted Local News.
Get Digital Access and Stay Informed With Trusted Local News.
https://www.timesunion.com/business/article/Ransomware-attack-cripples-airport-authority-s-14963401.php
Page 1 of 3

ONLY 25¢
The attack came to light after Schenectady-based LogicalNet reported its own management services network had
been breached. From there, the virus spread to the authority's servers, including its backup servers. The
LogicalNet contract included providing security for the airport's system, Calderone said Thursday.
"We have severed our relationship with LogicalNet," he added. LogicalNet did not immediately respond to a
request for comment.
The ransom was paid in Bitcoin. The airport authority will seek to recover the $25,000 deductible it paid on its
insurance policy from LogicalNet. The airport's insurer reimbursed the authority for the rest of the ransom
payment.
Make the Times Union a Preferred Source on Google to see more of our journalism when you search.
Add Preferred Source
Airport officials said no personal or travelers' information, including credit card numbers and other data, had been
accessed. The attack also didn't affect airport operations and no TSA or airline computers had been breached.
Article continues below this ad
The safety and security of the traveling public, airport officials said, was never in jeopardy. Rather, the encrypted
files included such items as Excel spreadsheets of budgets and other administrative items, including archived files.
The authority said it immediately notified the New York State Cyber Command, the FBI, and enlisted assistance
from computer systems contractor ABS Solutions. ABS is redesigning the authority's computer system to prevent
future attacks.
The Sodinokibi ransomware implicated in the LogicalNet attack is familiar to investigators. It was used in an
attack discovered on New Year's Eve on London-based Travelex, a worldwide foreign exchange services provider.
In that ongoing case, the hackers are demanding $6 million in ransom to return five gigabytes of sensitive
customer information, which they had been downloading in the past six months, or the information would be sold
online, the BBC reported.
Article continues below this ad
"To date, the company can confirm that whilst there has been some data encryption, there is no evidence that
structured personal customer data has been encrypted," Travelex said in a statement on its website Thursday
evening.
https://www.timesunion.com/business/article/Ransomware-attack-cripples-airport-authority-s-14963401.php
Page 2 of 3

The airport authority's attack, which came to light Christmas Day, wound down by Monday. The Bitcoin ransom
was paid on Dec. 30, and an encryption key was received two hours later, allowing the airport authority to begin
restoring its data.
"Thanks to the fast action by our IT department, airport operations during one of the busiest travel periods of the
year were not impacted and no passenger or airline data was acquired or accessed," Calderone said. "Within hours
the authority was able to resume all administrative functions with systems functioning as normal. We are grateful
for the assistance provided by the New York State Cyber Command, the FBI and our consultant ABS."
Jan 9, 2020|Updated Jan 10, 2020 6:52 a.m.
Former Business Editor
Eric Anderson is the former editor of the Times Union's business section. Eric also writes the Traveling Man
column for the Times Union's Upstate magazine. 
Source: https://www.timesunion.com/business/article/Ransomware-attack-cripples-airport-authority-s-14963401.php
https://www.timesunion.com/business/article/Ransomware-attack-cripples-airport-authority-s-14963401.php
Page 3 of 3