Airport PA System Hack: How Attackers Hijacked Announcements in the US and Canada

Airport public address (PA) systems in the United States and Canada were hijacked in October 2025, broadcasting unauthorized messages that praised Hamas and criticized political figures. The incident affected multiple airports, disrupted normal operations, and raised concerns about the security of public communication infrastructure. This article explains what happened, how the attack unfolded, and the impact on airport operations and public trust, with references to previous coverage and external sources.

What happened at North American airports?

On October 16, 2025, Reuters and CBC reported that hackers gained access to PA and flight information display systems at several airports in the US and Canada. The attackers used these systems to broadcast political messages, including support for Hamas and criticism of former US President Donald Trump. Airports in British Columbia and Ontario, including Kelowna and Windsor, confirmed their systems were compromised. The incident was part of a series of cyberattacks targeting transportation infrastructure in recent months. For more on previous infrastructure attacks, see our Operations & Campaigns section.

Airport officials stated that the unauthorized broadcasts lasted several minutes before IT teams regained control. The messages were played over loudspeakers and displayed on information screens, causing confusion among travelers and staff. Authorities quickly shut down affected systems to prevent further misuse. No physical harm was reported, but the psychological impact on passengers and employees was significant.

How did the attackers gain access?

According to CBC, the attackers exploited vulnerabilities in the public address and flight information display systems. These systems are often connected to internal networks and, in some cases, accessible remotely for maintenance. Investigators believe the hackers used weak or default credentials to gain entry, a common issue in legacy infrastructure. The attack did not affect flight operations or air traffic control, but it exposed weaknesses in non-critical airport systems.

What was the immediate response?

Airport IT teams and external cybersecurity experts worked to isolate and restore affected systems. Public announcements were made to inform travelers of the incident and reassure them that flight safety was not compromised. Law enforcement agencies in both countries launched investigations, and the affected airports reviewed their security protocols. For more on incident response best practices, visit our Cyber News & Updates page.

Impact on airport operations and public trust

While the attack did not disrupt flights, it caused confusion and concern among passengers. The use of airport PA systems to spread political messages highlighted the potential for psychological operations (PSYOPs) in public spaces. Airport authorities faced criticism for not securing their communication infrastructure, and the incident prompted calls for improved cybersecurity standards across the transportation sector.

Security experts noted that similar attacks could be used for more disruptive purposes, such as spreading false emergency alerts or causing panic. The incident serves as a warning to other critical infrastructure operators to review and strengthen their defenses.

Lessons for the transportation sector

The airport PA system hack demonstrates the importance of securing all networked systems, not just those directly related to safety or operations. Regular security assessments, strong authentication, and network segmentation are essential to prevent unauthorized access. The incident also underscores the need for rapid response protocols and clear communication with the public during cyber incidents.

For a list of recent infrastructure attacks and lessons learned, see our infrastructure attacks tag.

References