Based on coverage from CBC, CTV, Global, CityNews Vancouver, and Times Colonist.
In a cybersecurity breach that has raised eyebrows across Canada, hackers managed to infiltrate the public address and flight information systems at three Canadian airports on Tuesday evening. The incidents occurred at Kelowna International Airport and Victoria International Airport in British Columbia, as well as Windsor International Airport in Ontario. The breaches resulted in the broadcast of unauthorized messages, some of which contained pro-Hamas and anti-Trump sentiments.
Kelowna International Airport was notably affected, with both its terminal screens and PA system compromised. According to Phillip Elchitz, the airport's director of operations and innovation, the unauthorized messages included statements like "Israel lost the war, Hamas won," and derogatory remarks about U.S. President Donald Trump. The breach was brief, with the PA system restored in about 20 seconds and the screens cleared in a few minutes. However, the incident did cause some flight delays, with two flights reportedly impacted.
Victoria International Airport experienced a similar breach, though it was limited to its PA system. A spokesperson for the airport explained that the unauthorized audio was uploaded externally through a cloud-based system used by many airports worldwide. The broadcast was stopped quickly, and the airport reported no operational disruptions or delays.
Transport Canada has confirmed that it is working closely with federal security partners and law enforcement to investigate these incidents and ensure the safety and security of airport operations. The Canadian Centre for Cyber Security is also aware of the breaches. While the exact method of the hack remains under investigation, it appears that a third-party cloud-based software provider was involved, at least in the case of Kelowna.
Interestingly, this was not an isolated event. Harrisburg International Airport in Pennsylvania also reported a similar breach, where an unauthorized political message was broadcast over its PA system. The message, while political, did not contain any direct threats to the airport or its passengers.
The group claiming responsibility for these hacks, identified as "Siberislam," has shared videos of the incidents on social media. This has added a layer of complexity to the investigation, as authorities work to determine the group's motives and the extent of their capabilities.
The incidents highlight a growing concern in the aviation industry regarding cybersecurity. With airports increasingly relying on digital systems for operations, the potential for cyberattacks poses a significant risk. Gordon Phillips, a regional vice-president with cybersecurity firm Fortinet, noted that Canada experienced 12 billion cyberattacks in the first half of 2025 alone. He emphasized the importance of constant threat exposure management and cybersecurity awareness in preventing such breaches.
As investigations continue, airports are likely to review and strengthen their cybersecurity measures to prevent future incidents. Transport Canada has assured the public that it is taking steps to mitigate the potential consequences of cyberattacks on transportation safety and operational efficiency. Meanwhile, passengers are advised to stay informed and patient as airports work to enhance their security protocols.
