The websites of SFOConnect.com and SFOConstruction.com of the San Francisco International Airport became the targets of a cyber attack in March 2020, during which criminals downloaded malware to steal user credentials. The airport management reported the incident on the official website.
It is not known whether the criminals managed to steal any data, but otherwise, the stolen credentials can provide attackers with access to the airport network. According to the website, “some users who may have been the victims of an attack have access to these resources outside the airport network.”
The airport management after the attack turned off sites and forcibly reset passwords. Currently, resources have been restored. It remains unknown whether there were any additional security features, such as multi-factor authentication, to prevent hacking sites.
Recall that earlier, specialists from ImmuniWeb conducted an analysis of the cybersecurity level of the 100 largest airports in the world (Asia, Europe, North America, Australia, Africa, and South America). According to the results of the study, it became known that 97 of the 100 largest airports in the world are subject to security risks associated with vulnerable web applications and mobile programs, improperly configured public cloud service or data leaks.