Fred P. Ayres, Operations Manager for the Porter Alexander Airport, confirmed today that the flight delays yesterday at the Delano, GA airport were caused by a ransomware attack on the carryon baggage screening equipment being used at the passenger screening checkpoints. He was not able to tell reporters this morning whether a ransom had been paid.
Bessie Coleman, spokesperson for the Airline Transportation Security Agency (ATSA), confirmed that there had been screening delays at Alexander. “We had to go to 100% manual baggage screening of carryon baggage at that airport,” Coleman told reporters; “For security reasons, I cannot discuss what prompted that requirement.”
“We had flight delays of up to two hours to allow for passengers to complete the screening protocols,” Ayers told reporters.
Frank Whittle, who’s son was scheduled to fly back to Ft Carson, Co, after Christmas leave, reported that his son missed his connecting flight in Atlanta. “He ended up spending twelve hours in the Atlanta airport and ended up getting back to his unit three hours late,” Whittle explained; “I hope he does not get in trouble with the Army over the delay.”
The National Critical Infrastructure Security Operations Center (CI-SOC) has been working with the airport and the ATSA on the investigation of the cyberattack. Turgidson told reporters this morning that it is unusual to see a ransomware attack on federal government operations. “Everyone knows that the official policy of the government is to not pay ransoms,” Turgidson explained; “So there is little incentive for a ransomware attack.”
There are rumors circulating that this was not a typical ransomware attack, that files were not encrypted. A security employee of the airport, not associated with ATSA, told me that the screening devices were picking up false weapon returns. Three passengers were apparently pulled aside for additional screening before the ransomware message showed up on the system.