In a coordinated cyberattack that has rattled airport authorities and travelers alike, hackers breached the public address systems at four regional airports—three in Canada and one in the United States—on October 17, 2025, broadcasting pro-Hamas messages and sharp criticism of former President Donald Trump. The incident unfolded just days after a peace treaty was signed between Israel and Hamas, a deal brokered by Trump himself, raising questions about the timing and intent behind the digital assault.
The affected Canadian airports included Kelowna International Airport and Victoria International Airport, both in British Columbia, and Windsor International Airport in Ontario. South of the border, Harrisburg International Airport in Pennsylvania was targeted. Though all four are regional facilities, the hack ignited global headlines and prompted swift responses from law enforcement and cybersecurity officials in both countries.
According to Reuters, the breach in Kelowna was traced to an advertisement streaming service. The Royal Canadian Mounted Police (RCMP) confirmed that "the Kelowna International Airport in British Columbia was briefly compromised and unauthorized content was shared" on its system. Authorities were quick to launch an investigation, with the Canadian Centre for Cyber Security providing support. Kelowna International Airport, the busiest among the four, served just over 2 million passengers in 2024—a far cry from the more than 25 million who passed through Vancouver International Airport, British Columbia’s largest hub.
Meanwhile, at Victoria International Airport, hackers managed to broadcast messages in a foreign language and played music over the PA system. The intrusion forced airport staff to switch to an internal system to regain control. A spokesperson for the airport noted that the breach was made possible by exploiting vulnerabilities in third-party software, a detail that underscores the growing risks associated with cloud-based and outsourced IT solutions.
The attack on Windsor International Airport was equally disruptive. There, the PA system and flight information display screens were both compromised, flashing unauthorized images and announcements. Airport officials said the breach occurred via a "cloud-based software provider" but were quick to reassure the public that "our systems returned to normal shortly thereafter." The RCMP and the Canadian Centre for Cyber Security are spearheading the investigation into these incidents across Canada.
In the United States, the breach at Harrisburg International Airport was confirmed by U.S. Transportation Secretary Sean Duffy via a social media post. The Federal Aviation Administration (FAA) and airport officials have since launched their own investigation, although the FAA has yet to issue a formal statement. According to The Times of Israel, Harrisburg spokesperson Scott Miller explained, "Out of an abundance of caution, the aircraft was searched. No security issues were found, and the flight departed safely." The lack of any direct threats to airport operations or passenger safety was a small relief amid the chaos, but the incident still exposed vulnerabilities that could be exploited in more damaging ways in the future.
Some of the visuals from the hacked PA systems quickly went viral on social media, amplifying the incident’s reach and raising public concern. Among the messages broadcast were repeated chants of "Free Palestine, Free Palestine, Free Palestine" and the inflammatory slur, "You are a pig, Donald Trump." India TV Digital, which reported on the viral videos, cautioned that it could not independently verify the authenticity of every circulating clip. Still, the impact was immediate—travelers and staff at the airports were left bewildered and, in some cases, alarmed by the sudden political messaging blaring through terminals usually reserved for flight updates and boarding calls.
The Times of Israel attributed the cyberattack to a Turkish group known as 'SiberIslam.' While the group’s motives remain unclear, their choice of targets and timing—so soon after the high-profile Israel-Hamas peace deal—suggests a deliberate attempt to capitalize on global tensions and attract maximum attention. Importantly, the hackers made no explicit threats against the airports or airlines, focusing instead on broadcasting their political messages. This was confirmed by airport officials and echoed by law enforcement, who emphasized that no physical security risks were found during precautionary sweeps of affected flights and terminals.
The political context of the hack cannot be ignored. Just days before the attack, Israel and Hamas had exchanged hostages and prisoners as part of a peace deal brokered by Trump. Despite the agreement, tensions remained high. Israeli Prime Minister Benjamin Netanyahu insisted that Israel "will not compromise" and demanded that Hamas fulfill all terms of the ceasefire. Trump, for his part, issued a stark warning: "Israel will return to those streets as soon as I say the word." The cyberattack, with its pointed messages and timing, seemed almost designed to inflame those lingering anxieties on both sides of the conflict.
Cybersecurity experts have long warned that critical infrastructure—especially in transportation—is vulnerable to attacks via third-party software. The latest incident highlights just how quickly a breach can move from a technical nuisance to a public spectacle. In each case, the hackers exploited cloud-based systems or external software, bypassing local controls and leaving airport IT teams scrambling to regain command. The Canadian Centre for Cyber Security and the RCMP are now working closely with airport authorities to shore up defenses and trace the origins of the attack.
In the U.S., the FAA’s investigation is ongoing, and officials are urging other regional airports to review their own cybersecurity protocols. The breach at Harrisburg International, while not as disruptive as it might have been, has nonetheless raised alarms about the preparedness of smaller airports—often with fewer resources and less robust digital defenses compared to major hubs.
As the dust settles, both Canadian and American authorities are left to grapple with the implications. The attack, while not physically dangerous, exposed systemic weaknesses that could be exploited for more malicious ends. It also demonstrated how quickly a local incident can spiral into an international talking point in the age of social media and viral content.
For now, the airports have restored normal operations and are reviewing their systems for further vulnerabilities. The investigations continue, with law enforcement on both sides of the border determined to track down those responsible. In an era where a few keystrokes can turn a quiet terminal into a global stage for political messaging, the need for vigilance has never been clearer.