Albany International Airport

Albany International Airport operates as a regional aviation hub in the United States, facilitating passenger travel and cargo transportation. Its core functions include managing flight operations, terminal services, and ground infrastructure while coordinating with airlines, regulatory agencies, and service providers. The airport maintains administrative systems for document archiving, financial records, and operational logistics, which became the focal point of a significant cybersecurity incident in late 2019.

On December 25, 2019, the airport suffered a ransomware attack by the Sodinokibi group targeting its administrative servers. The attackers encrypted archived data and operational documents but did not compromise passenger information, airline systems, or flight operations. Administrative functions were restored within hours through internal IT recovery efforts, avoiding prolonged disruption to airport activities. The organization paid a ransom under $100,000, with partial reimbursement from their insurer after a deductible was charged to third-party IT provider LogicalNet, whose services were terminated following the breach.

The incident response involved collaboration with the Federal Bureau of Investigation, New York State Cyber Command, and cybersecurity firm ABS Solutions, demonstrating institutional protocols for addressing critical infrastructure threats. While the attack exposed vulnerabilities in third-party vendor management, the containment of operational impact underscored the segregation between administrative and flight control systems. This event highlighted the airport’s adherence to contingency planning standards for critical infrastructure entities, prioritizing swift restoration of compromised systems without public safety consequences. The termination of LogicalNet reflected organizational accountability measures following forensic analysis of the breach’s origins.