Cyber Incident Victim: Bradley International Airport
Date:
Mar 2022
Location:
United States of America
Summary
Bradley International Airport experienced a distributed denial-of-service (DDoS) attack targeting its website, temporarily disrupting access but causing no operational impacts to flights or services. The Connecticut Airport Authority confirmed the incident did not compromise sensitive data or affect other airport systems, with the website restored to normal functionality while monitoring continued. The attack solely overwhelmed the site's infrastructure with excessive traffic, consistent with typical DDoS tactics aimed at disrupting public-facing online resources.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On March 29, 2022, Bradley International Airport in Windsor Locks, Connecticut, experienced a distributed denial-of-service (DDoS) cyberattack targeting its official website. The Connecticut Airport Authority (CAA), which manages Bradley and other state airports, confirmed the incident occurred on that Tuesday, characterizing it as an intentional attempt by unidentified actors to crash the website. The attack temporarily disrupted public access to the airport’s online platform but did not compromise flight operations, security systems, or physical airport infrastructure. CAA officials immediately activated monitoring protocols to assess the scope and impact of the incident while working to restore website functionality. By the time public statements were issued, the website had been successfully reinstated with no lingering accessibility issues reported. Authorities emphasized that the disruption remained confined to the public-facing website component, with no evidence suggesting unauthorized access to internal networks, sensitive databases, or traveler information systems.
The DDoS attack overwhelmed Bradley Airport’s web servers with excessive internet traffic, aligning with standard attack methodologies that flood targets to disrupt legitimate user access. Cloudflare’s widely cited definition of such attacks—referenced in official communications—framed the incident as a malicious effort to saturate the website’s infrastructure. CAA reiterated that critical operational systems governing flight schedules, baggage handling, security screenings, and communications remained fully functional throughout the event, confirming no cascading effects on passenger services or safety protocols. Post-restoration, the authority maintained continuous monitoring for anomalous activity but disclosed no further disruptions or secondary attack vectors. Investigators found no indications of data exfiltration, malware deployment, or system compromises beyond the temporary website outage, ruling out a conventional data breach. The CAA’s public updates consistently highlighted the isolated nature of the incident while refraining from attributing blame to specific threat actors or discussing potential motives behind the attack.