On the evening of October 14, 2025, a wave of cyberattacks swept through airport terminals across Canada and the United States, leaving travelers bewildered and airport officials scrambling to regain control. Public address systems and flight information displays at airports in Kelowna, Victoria, Windsor, Harrisburg, and reportedly one in Oregon, were hijacked to broadcast pro-Hamas and pro-Palestinian messages, alongside pointed insults directed at Israel, Israeli Prime Minister Benjamin Netanyahu, and former U.S. President Donald Trump. The coordinated nature and reach of these digital intrusions have underscored the mounting vulnerabilities in airport IT infrastructure, particularly as more facilities rely on cloud-based systems for their core communications.
According to Global News, Kelowna International Airport was among the first to confirm the breach, reporting that "a third party gained access to the flight information display screens and the public address (PA) system in the terminal building." For a brief but unsettling period, terminal screens at Kelowna flashed messages such as "Israel lost the war, Hamas won the war honorably. You are a pig, Donald Trump," while the PA system broadcast similar slogans and chants. The airport swiftly removed the unauthorized messaging, restored its flight information displays, and continued working to reset the PA system. However, the incident did cause several flight delays, with three delayed departures still listed the following morning, though not all were definitively linked to the cyberattack.
Victoria International Airport, too, found its PA system compromised through a cloud-based software issue. Staff responded quickly, shutting down the unauthorized audio broadcast within minutes. A spokesperson for the airport explained that the loudspeakers use a cloud-based external system, a technology now common at airports worldwide. "Someone externally uploaded a file containing unauthorized audio content that played on the loudspeakers for a few minutes," the spokesperson said in an email to CBC News. Fortunately, Victoria experienced no operational disruptions, delays, or cancellations as a result.
The impact of the cyberattacks was not limited to Canada. Harrisburg International Airport in Pennsylvania confirmed that an unauthorized user accessed its PA system, playing a political message of a similar nature. Scott Miller, a spokesperson for Harrisburg, told CNN, "The message was political in nature and did not contain any threats against the airport, our tenants, airlines, or passengers." As a precaution, a flight that was already boarding was inspected, but no safety issues were found and the plane departed safely. Authorities in Harrisburg, including local, state, and federal officials, have launched an investigation into the breach.
Transport Canada, the federal agency responsible for transportation safety, acknowledged the hacks at Kelowna, Victoria, and Windsor International Airports. In a statement on October 15, 2025, Transport Canada said it was "working closely with federal security partners, including law enforcement, to ensure there were no impacts on the safety and security of airport operations and to mitigate disruption from similar incidents in the future." The Canadian Centre for Cyber Security also confirmed its awareness of the incidents, while local police and the RCMP declined immediate comment.
The CEO of Kelowna International Airport, Sam Samaddar, shed light on the technical vulnerabilities exploited by the attackers. He explained to The Globe and Mail that the hackers took advantage of third-party cloud software used for both screens and announcement systems—a weakness shared by the other affected Canadian airports as well as facilities in the U.S. "We deemed the threat to be non-specific – it was not really targeting aviation – and so we had a very high comfort level in terms of our operations not being jeopardized," Samaddar said. The airport’s IT expert, who was on shift at the time, managed to shut down the compromised system within minutes of the attack, which began around 5:15 p.m. local time.
While the cyberattacks startled passengers and delayed flights, officials have repeatedly emphasized that there were no threats to flight safety or airport security. As David Shipley, CEO of Beauceron Security, told The Globe and Mail, the incident appeared to be more of a stunt than a serious attack. "It’s like it’s the cyber equivalent of someone running around saying ‘I’m cool’ – the moment that you say you’re cool, you probably aren’t," he quipped, noting the lack of ransom demands or evidence of sophisticated tactics.
One group, calling itself "Siberislam," claimed responsibility for the hacks via onscreen messages and social media posts, according to The Canadian Press. The group’s social media accounts shared videos of the incidents and celebrated their media coverage. However, as of October 16, 2025, no major cybersecurity agencies or law enforcement bodies had officially confirmed the group’s involvement, and the investigation remained ongoing. Canadian authorities, including the Royal Canadian Mounted Police, Transport Canada, and the Canadian Air Transport Security Authority, confirmed they were cooperating and assisting in the investigation.
These attacks are part of a broader trend of pro-Palestinian hacktivism since the outbreak of the 2023 conflict between Israel and Gaza. According to CNN and AFP, hacktivist collectives have claimed hundreds of attacks on transportation, finance, and government targets globally over the past two years. In June 2025, the FBI reported that a criminal group had penetrated the computer networks of several airlines in the U.S. and Canada. A month later, a software outage—attributed to hackers—caused widespread chaos at major European airports, disabling check-in systems used by dozens of airlines. One collective, known as the Dark Storm Team, has previously targeted U.S. airports, NATO servers, and Israeli infrastructure.
Experts caution that the latest incidents highlight the growing vulnerabilities of airport networks, which have become increasingly dependent on cloud-based audio and display systems. The 2025-26 forecast from the Canadian Centre for Cyber Security warns that state-sponsored actors are "very likely targeting critical-infrastructure networks in Canada and allied countries to prepare for possible future disruptive or destructive online attacks." China’s cyber program, in particular, is cited as the most sophisticated and active threat to Canada today.
For now, the airports affected by the October 14 attacks are working to patch security loopholes and restore normal operations. Phillip Elchitz, director of operations and innovation at Kelowna International Airport, told CBC News, "We’re working with our service providers to better understand how these files ended up on these screens and on the PA system. And obviously we want to make sure that whatever security loopholes that existed within those systems are shut down completely so this doesn’t happen again."
As the investigation continues and airports worldwide take stock of their digital defenses, the events of October 14 serve as a stark reminder: in an era of cloud-based convenience, even the most routine travel hub can become a stage for global cyber conflict in a matter of seconds.