In an unprecedented cyber incident, a hacking group has reportedly compromised airport public address systems, causing widespread disruption across multiple airports in both Canada and the United States. This marks one of the first known instances of such a targeted attack on aviation infrastructure. The perpetrators, identified as a group with apparent ties to pro-Hamas ideologies, are said to have used the public announcement systems to broadcast pro-Palestinian messages, while also making threats aimed at both the United States and Israel.
The chaos began when the hackers hijacked the communication systems at several airports, including three in Canada and one in the U.S. Passengers were left bewildered and alarmed, particularly at Harrisburg International Airport in Pennsylvania, where one of the messages ominously referenced “a second September 11.” The disturbing implication suggested the hackers might have planned a hijacking with the intention of targeting significant U.S. landmarks—evoking memories of the 9/11 terrorist attacks in 2001, when planes were flown into the World Trade Center towers in New York City.
The messages that disrupted these airports were not just simple text or static displays. Instead, they featured computer-generated voices chanting “Free, free Palestine” repeatedly. Additionally, some of the messages contained hostile and inflammatory remarks aimed at U.S. President Donald Trump and Israeli Prime Minister Benjamin Netanyahu. This pointed to the possibility that the hackers were motivated by political and ideological views aligned with Hamas and were using the airports as a platform to propagate their beliefs.
These cyber-attacks were believed to be carried out by a relatively unknown hacking group called Siberislam, allegedly a Turkish-based collective. While the group’s capabilities are still being assessed, it is clear that they have the ability to disrupt critical infrastructure—especially in sensitive areas such as international airports. What’s even more concerning is the apparent ease with which they were able to take over public address systems, which are usually heavily protected by airport security protocols.
The situation escalated as these hackers not only compromised the PA systems but also hijacked flight information display screens at various locations. At Kelowna International Airport in British Columbia, Victoria International Airport, and Windsor International Airport in Ontario, the information boards displayed messages such as “Hamas has won” and “Israel lost the war,” further fuelling the political rhetoric. In some cases, the displays even showcased AI-generated images of a message reading “Hacked by Mutarrif Siberislam,” which made it clear that the perpetrators were trying to cement their identity while flaunting their technical prowess.
However, the disruption was not long-lasting. Airport IT staff worked quickly to restore the affected systems, erasing the hijacked messages and returning the systems to their normal operations. Despite the rapid response, the incident raised serious concerns about the vulnerability of critical infrastructure to cyber-attacks, particularly those aimed at inciting political unrest.
One of the most alarming aspects of this incident is the recurring threat of violence embedded in the hackers’ messages. The reference to “a second September 11” evoked fears of an attack similar to the tragic events of 2001, when terrorist group Al-Qaeda orchestrated a series of hijackings that killed thousands. The hackers’ choice to invoke this infamous event not only reflects the political motivations behind the attack but also underscores the potential risks of further escalation.
Cybersecurity experts have been quick to analyze the scale and sophistication of the attack. Some argue that while the actions of the group appear significant, it’s unlikely that such a small, relatively obscure collective could execute such a high-profile attack without substantial backing. The suggestion is that the group might be supported—either directly or indirectly—by a larger, state-sponsored entity, such as a government or intelligence agency. This would explain the capability to target high-level infrastructure with such precision.
While the hackers may have seen this as a way to promote their political agenda, security experts agree that disrupting transportation systems and public safety services is not an effective method of protest or hacktivism. Far from winning sympathies, these types of attacks tend to isolate perpetrators and further criminalize their actions. Attacking essential services like airports, which rely on secure and reliable operations, is more likely to unite opposition against the hackers, rather than advance their cause.
In the aftermath, this cyber incident serves as a stark reminder of the vulnerability of critical infrastructure to hacking groups. While it’s clear that the attack was politically motivated, it also raises questions about the larger implications of cyber warfare in the modern age. As governments and international organizations assess the damage and tighten their cybersecurity measures, the threat of cyber-attacks targeting vital systems, including transportation and communications, is only expected to grow.
Join our LinkedIn group Information Security Community!
