Bristol Airport says it did not pay any ransom to recover from cyber attack

UK’s ninth-busiest airport resorted to whiteboards to share flight information.

Graham Cluley
Graham Cluley
@[email protected]

Bristol Airport says it did not pay any ransom to recover from cyber attack

Officials at Bristol Airport in the UK declined to pay a ransom demand from extortionists who attacked its computer systems late last week.

Computers running public information boards displaying flight arrival and departure times were taken offline on Friday morning, in an apparent attempt to contain a malware infection.

Travellers arriving at Bristol Airport early on Friday morning found that flight information screens were down due to “technical problems”. On its Twitter account, the airport advised passengers to arrive early and allow extra time for check-in and boarding.

Sign up to our free newsletter.
Security news, advice, and tips.

Details of check-in desks. boarding gates and arrival/departure times were made over the public address system, and further information was manually updated on whiteboards.

Whiteboard flight timetable

James Gore, a spokesperson for Bristol Airport, described what occurred to BBC News:

“We believe there was an online attempt to target part of our administrative systems and that required us to take a number of applications offline as a precautionary measure, including the one that provides our data for flight information screens. That was done to contain the problem and avoid any further impact on more critical systems. The indications are that this was a speculative attempt rather than targeted attack on Bristol Airport.”

By 6:30am on Sunday it appeared the airport was returning to normal, and a tweet was posted announcing that the information screens were functioning once again.

I’m not just pleased that Bristol Airport felt comfortable not paying a ransom to the extortionists who attacked their network, suggesting officials had confidence in their backup infrastructure and ability to restore compromised systems.

If you have a secure backup, and if you have the systems in place to restore that backup in a safe, prompt fashion, then you shouldn’t need to ever consider paying the criminal who is attempting to extort money from you.

No, I’m also impressed that Bristol Airport clearly had emergency contingency plans in place to keep passengers informed about their flights, to keep inconvenience for travellers to a minimum.

All organisations would do well to consider how well they could survive – even for a short period of time – if some of their computer systems were disabled unexpectedly.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.