CLEVELAND-- The FBI continues to investigate the ransomware that took down email and flight information monitors at Cleveland Hopkins International Airport.
Operations staff at the airport noticed the problem on April 21. The IT staff confirmed, "There were some material that was not supposed to be there," Cleveland Director of Port Control Robert Kennedy said.
While flights and security were not affected, flight and baggage displays in the terminals remained down, as well as the airport emails. Those services were restored on Monday.
Ryan Smith, FBI assistant special agent in charge, confirmed there was ransomware on the network. The FBI does not recommend paying because it re-enforces that behavior to those responsible, Smith said.
Kennedy said the files were encrypted so they did not know there was a ransom at the time. He added they later learned the malware included a request for ransom.
“I think this is a good example that any entity can be can get hit with cyber,” Smith said. “At the end of the day, these actors are persistent, they are advanced and they will continue to try to threaten our government agencies, our private companies and us as individuals, and it’s a good reminder that we need to remain vigilant."
TSA and FAA are also involved in the investigation.