Hackers attack Querétaro, one of Mexico’s largest airports

Querétaro attack

Querétaro, one of Mexico’s largest airports, encountered a formidable cyber threat. Via social media, the administration disclosed the incident, affirming that cybersecurity experts had been engaged to investigate the breach.

Important! We reported that we had a cyberattack incident and are working with experts to address this situation. AIQ systems are operating normally. The safety of our passengers and operations remains our top priority, (translated)” the airport’s statement declared.

Over the past decade, Querétaro has evolved into a pivotal hub for air travel connecting Mexico with the United States and Europe. In 2022, it accommodated over a million passengers.

It is suspected that the cause of the incident was malicious software, inadvertently downloaded by an airport employee. Despite this, the operational safety of the systems was not compromised, and the response team was able to quickly contain and isolate the threat. A data leak did occur; however, officials assert that the stolen information is of no value, as it was already publicly accessible. Relevant government bodies have been informed of the issue.

Responsibility for the attack has been claimed by the hacker group LockBit. On October 27, the perpetrators threatened to release the stolen data unless their demands were met. As of now, the actual details of the information they possess remain undisclosed.

LockBit recently claimed responsibility for a data theft involving the aviation giant Boeing. According to Recorded Future News, the company has also commenced an internal investigation.

This week, LockBit removed the information about Boeing from their leak site. Researchers from vx-underground reported negotiations with the hackers, though other details have not been disclosed.

The aviation sector frequently finds itself targeted by cybercriminals. In October, Air Canada and Air Europa encountered security incidents. Earlier, several U.S. airports were subjected to a series of DDoS attacks.

In September, a cyber incident affecting Airbus came to light when data belonging to 3,200 contractors of the aerospace titan were found on the darknet, released by an unknown hacker.